www.geelongadvertiser.com.au Open in urlscan Pro
23.199.76.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bdfd570557412730e7c5b3...
Effective URL:
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fne...
Submission: On June 28 via manual (June 28th 2023, 11:47:39 am UTC) from AU — Scanned from AU

Summary HTTP 288 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 69 IPs in 8 countries across 44 domains to perform 288 HTTP transactions. The main IP is 23.199.76.145, located in Tseung Kwan O, Hong Kong and belongs to AKAMAI-AS, US. The main domain is www.geelongadvertiser.com.au. The Cisco Umbrella rank of the primary domain is 795391.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 15th 2023. Valid for: a year.

This is the only time www.geelongadvertiser.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 11	23.199.76.145 23.199.76.145	16625 (AKAMAI-AS) (AKAMAI-AS)
2 10	104.83.196.200 104.83.196.200	16625 (AKAMAI-AS) (AKAMAI-AS)
19	192.0.66.58 192.0.66.58	2635 (AUTOMATTIC) (AUTOMATTIC)
5	13.227.254.68 13.227.254.68	16509 (AMAZON-02) (AMAZON-02)
1	184.26.20.144 184.26.20.144	16625 (AKAMAI-AS) (AKAMAI-AS)
18	118.215.80.114 118.215.80.114	16625 (AKAMAI-AS) (AKAMAI-AS)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.69.168.60 104.69.168.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.56.28.14 23.56.28.14	16625 (AKAMAI-AS) (AKAMAI-AS)
8	13.35.8.115 13.35.8.115	16509 (AMAZON-02) (AMAZON-02)
2	54.156.85.3 54.156.85.3	14618 (AMAZON-AES) (AMAZON-AES)
14	13.227.254.117 13.227.254.117	16509 (AMAZON-02) (AMAZON-02)
8	74.125.24.139 74.125.24.139	15169 (GOOGLE) (GOOGLE)
11	52.43.206.219 52.43.206.219	16509 (AMAZON-02) (AMAZON-02)
4	74.125.200.157 74.125.200.157	15169 (GOOGLE) (GOOGLE)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1	18.155.68.27 18.155.68.27	16509 (AMAZON-02) (AMAZON-02)
1	52.88.112.86 52.88.112.86	16509 (AMAZON-02) (AMAZON-02)
1	63.140.36.130 63.140.36.130	16509 (AMAZON-02) (AMAZON-02)
1 1	3.1.137.229 3.1.137.229	16509 (AMAZON-02) (AMAZON-02)
4	172.217.194.92 172.217.194.92	15169 (GOOGLE) (GOOGLE)
3	13.224.249.23 13.224.249.23	16509 (AMAZON-02) (AMAZON-02)
15	74.125.68.94 74.125.68.94	15169 (GOOGLE) (GOOGLE)
4	54.192.150.56 54.192.150.56	16509 (AMAZON-02) (AMAZON-02)
2	42.99.140.187 42.99.140.187	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
1	13.35.16.234 13.35.16.234	16509 (AMAZON-02) (AMAZON-02)
2	63.140.36.148 63.140.36.148	16509 (AMAZON-02) (AMAZON-02)
2 4	104.254.151.120 104.254.151.120	29990 (ASN-APPNEX) (ASN-APPNEX)
8	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1 1	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
1	54.179.176.233 54.179.176.233	16509 (AMAZON-02) (AMAZON-02)
1	104.22.52.86 104.22.52.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
4	142.250.4.154 142.250.4.154	15169 (GOOGLE) (GOOGLE)
1	64.233.170.132 64.233.170.132	15169 (GOOGLE) (GOOGLE)
4 5	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
1	13.224.249.38 13.224.249.38	16509 (AMAZON-02) (AMAZON-02)
9 17	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
24	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	104.91.76.201 104.91.76.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	54.66.105.184 54.66.105.184	16509 (AMAZON-02) (AMAZON-02)
1	18.155.68.45 18.155.68.45	16509 (AMAZON-02) (AMAZON-02)
2 5	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	199.127.207.180 199.127.207.180	26120 (RHYTHMONE) (RHYTHMONE)
2 2	18.141.80.142 18.141.80.142	16509 (AMAZON-02) (AMAZON-02)
4	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
1 1	3.219.198.131 3.219.198.131	14618 (AMAZON-AES) (AMAZON-AES)
1	54.70.49.196 54.70.49.196	16509 (AMAZON-02) (AMAZON-02)
18	172.253.118.138 172.253.118.138	15169 (GOOGLE) (GOOGLE)
1 6	74.125.24.147 74.125.24.147	15169 (GOOGLE) (GOOGLE)
1 1	104.69.166.9 104.69.166.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
8 8	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2	54.251.134.114 54.251.134.114	16509 (AMAZON-02) (AMAZON-02)
1	54.192.150.103 54.192.150.103	16509 (AMAZON-02) (AMAZON-02)
1	54.255.159.244 54.255.159.244	16509 (AMAZON-02) (AMAZON-02)
2	34.195.37.97 34.195.37.97	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	67.199.150.86 67.199.150.86	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	103.71.26.125 103.71.26.125	132134 (SPOTX-AS-...) (SPOTX-AS-AP SpotXchange)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	74.118.186.107 74.118.186.107	6336 (TURN-US-ASN) (TURN-US-ASN)
4	52.84.228.218 52.84.228.218	16509 (AMAZON-02) (AMAZON-02)
1	172.253.118.97 172.253.118.97	15169 (GOOGLE) (GOOGLE)
1	104.91.76.188 104.91.76.188	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	74.125.24.148 74.125.24.148	15169 (GOOGLE) (GOOGLE)
8 8	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
3	104.254.150.228 104.254.150.228	29990 (ASN-APPNEX) (ASN-APPNEX)
3	3.123.99.39 3.123.99.39	16509 (AMAZON-02) (AMAZON-02)
1 2	74.125.130.155 74.125.130.155	15169 (GOOGLE) (GOOGLE)
4 4	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
4	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
3	44.239.151.24 44.239.151.24	16509 (AMAZON-02) (AMAZON-02)
4	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
1	13.35.8.63 13.35.8.63	16509 (AMAZON-02) (AMAZON-02)
3	74.125.24.132 74.125.24.132	15169 (GOOGLE) (GOOGLE)
288	69

11 23.199.76.145 (Tseung Kwan O, Hong Kong) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-76-145.deploy.static.akamaitechnologies.com

www.geelongadvertiser.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
commerceapi.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.83.196.200 (Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-200.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 192.0.66.58 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

dsf.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.227.254.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-68.sin52.r.cloudfront.net

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.26.20.144 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-20-144.deploy.static.akamaitechnologies.com

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 118.215.80.114 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a118-215-80-114.deploy.static.akamaitechnologies.com

subscriptions.geelongadvertiser.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.168.60 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-168-60.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.28.14 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-28-14.deploy.static.akamaitechnologies.com

a20352597942.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.35.8.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-115.sin5.r.cloudfront.net

subscriptions.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.85.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-85-3.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.227.254.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-117.sin52.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.24.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f139.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.43.206.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-206-219.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.200.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-27.sin52.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.112.86 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-112-86.us-west-2.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.36.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-130.data.adobedc.net

newscorpau.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.1.137.229 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-137-229.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.92 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.249.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-23.sin52.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.192.150.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-56.sin2.r.cloudfront.net

au-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 42.99.140.187 (Central, Hong Kong)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-187.pacnet.net

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.16.234 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-16-234.sin5.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.36.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-148.data.adobedc.net

metrics.geelongadvertiser.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.151.120 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.176.233 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-176-233.ap-southeast-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.158.64 (Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f132.1e100.net

d8ede64fb0b4059f92faa47208f01578.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.10.154 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-38.sin52.r.cloudfront.net

rm-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.223.40.198 (United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.91.76.201 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-76-201.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.66.105.184 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-105-184.ap-southeast-2.compute.amazonaws.com

au.pixel.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-45.sin52.r.cloudfront.net

ncg.tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.5.84.243 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.180 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.141.80.142 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.198.131 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-198-131.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.70.49.196 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-49-196.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.253.118.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f138.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.125.24.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.166.9 (Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.251.134.114 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-134-114.ap-southeast-1.compute.amazonaws.com

secure-sdk.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-103.sin2.r.cloudfront.net

mhpyayiqn1hzo3n7ehl5rdesuwt9v1687952842.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.255.159.244 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-159-244.ap-southeast-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.37.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-37-97.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.86 (Singapore)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.71.26.125 (Singapore) 1 redirects

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.118.186.107 (Singapore)

ASN6336 (TURN-US-ASN, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.91.76.188 (Tseung Kwan O, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-76-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.125.24.148 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f148.1e100.net

8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.143.106.89 (Singapore) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.123.99.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-99-39.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.213.12.39 (Tokyo, Japan) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.239.151.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-151-24.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.8.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-63.sin5.r.cloudfront.net

au.audience.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	stripe.com js.stripe.com — Cisco Umbrella Rank: 1911 q.stripe.com — Cisco Umbrella Rank: 13866 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 11784 r.stripe.com — Cisco Umbrella Rank: 6242 m.stripe.com — Cisco Umbrella Rank: 1737	653 KB
40	google.com 1 redirects news.google.com — Cisco Umbrella Rank: 5509 pay.google.com — Cisco Umbrella Rank: 3447 adservice.google.com — Cisco Umbrella Rank: 113 play.google.com — Cisco Umbrella Rank: 58 www.google.com — Cisco Umbrella Rank: 10	545 KB
24	geelongadvertiser.com.au 5 redirects www.geelongadvertiser.com.au — Cisco Umbrella Rank: 795391 subscriptions.geelongadvertiser.com.au metrics.geelongadvertiser.com.au	596 KB
23	newscorpaustralia.com dsf.newscorpaustralia.com — Cisco Umbrella Rank: 716378 login.newscorpaustralia.com — Cisco Umbrella Rank: 143719	474 KB
21	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 383 js.adsrvr.org — Cisco Umbrella Rank: 1592 insight.adsrvr.org — Cisco Umbrella Rank: 603	18 KB
21	news.com.au 2 redirects tags.news.com.au — Cisco Umbrella Rank: 54713 subscriptions.news.com.au — Cisco Umbrella Rank: 896644 ncg.tags.news.com.au — Cisco Umbrella Rank: 173820 commerceapi.news.com.au — Cisco Umbrella Rank: 884361	296 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com	671 KB
16	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 8228261.fls.doubleclick.net — Cisco Umbrella Rank: 189840 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	158 KB
12	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 218 newscorpau.demdex.net — Cisco Umbrella Rank: 130779	16 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1111 sync-tm.everesttech.net — Cisco Umbrella Rank: 796	2 KB
8	yahoo.com 8 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	2 KB
8	googlesyndication.com d8ede64fb0b4059f92faa47208f01578.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	41 KB
8	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 acdn.adnxs.com — Cisco Umbrella Rank: 587 secure.adnxs.com — Cisco Umbrella Rank: 469	10 KB
6	serving-sys.com secure-ds.serving-sys.com — Cisco Umbrella Rank: 2036 bs.serving-sys.com — Cisco Umbrella Rank: 1260 lm.serving-sys.com — Cisco Umbrella Rank: 2030	27 KB
6	imrworldwide.com cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3365 secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 8754 mhpyayiqn1hzo3n7ehl5rdesuwt9v1687952842.nuid.imrworldwide.com	68 KB
6	newscgp.com au.tags.newscgp.com — Cisco Umbrella Rank: 136832 au.pixel.newscgp.com — Cisco Umbrella Rank: 160180 au.audience.newscgp.com — Cisco Umbrella Rank: 174637	49 KB
5	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1357 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	3 KB
5	dotmetrics.net au-script.dotmetrics.net — Cisco Umbrella Rank: 52905 rm-script.dotmetrics.net — Cisco Umbrella Rank: 5088	21 KB
5	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 679 cdn3.optimizely.com — Cisco Umbrella Rank: 5114 a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 219939 logx.optimizely.com — Cisco Umbrella Rank: 1371	95 KB
5	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1029	19 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	933 B
3	rubiconproject.com 1 redirects token.rubiconproject.com — Cisco Umbrella Rank: 652 pixel.rubiconproject.com — Cisco Umbrella Rank: 374	2 KB
2	google.com.au www.google.com.au — Cisco Umbrella Rank: 20481	563 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2053	16 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 794	1 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 496	501 B
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1242	401 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1662 beacon.krxd.net — Cisco Umbrella Rank: 620	529 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1132	1 KB
2	pubmatic.com image5.pubmatic.com — Cisco Umbrella Rank: 63836 image2.pubmatic.com — Cisco Umbrella Rank: 1036	455 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	133 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2759 pixel.wp.com — Cisco Umbrella Rank: 2584	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 169	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	54 KB
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 613	99 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 634	412 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 662	501 B
1	scanscout.com 1 redirects dt.scanscout.com — Cisco Umbrella Rank: 45096	698 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1745	402 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1447	15 KB
1	omtrdc.net newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 370865	276 B
1	api.news content.api.news — Cisco Umbrella Rank: 76545	11 KB
288	44

	Domain	Requested by
24	r.stripe.com	js.stripe.com
19	dsf.newscorpaustralia.com	www.geelongadvertiser.com.au dsf.newscorpaustralia.com subscriptions.geelongadvertiser.com.au
18	play.google.com	www.gstatic.com
15	www.gstatic.com	news.google.com pay.google.com www.gstatic.com www.google.com
14	js.stripe.com	subscriptions.geelongadvertiser.com.au js.stripe.com
14	subscriptions.geelongadvertiser.com.au	www.geelongadvertiser.com.au subscriptions.geelongadvertiser.com.au
11	match.adsrvr.org	5 redirects www.geelongadvertiser.com.au js.adsrvr.org
11	dpm.demdex.net	tags.news.com.au www.geelongadvertiser.com.au
10	tags.news.com.au	2 redirects tags.tiqcdn.com au.tags.newscgp.com
8	ups.analytics.yahoo.com	8 redirects
8	sync-tm.everesttech.net	8 redirects
8	q.stripe.com	www.geelongadvertiser.com.au
8	news.google.com	subscriptions.geelongadvertiser.com.au news.google.com www.geelongadvertiser.com.au www.gstatic.com
8	subscriptions.news.com.au	client subscriptions.news.com.au
8	www.geelongadvertiser.com.au	5 redirects www.geelongadvertiser.com.au subscriptions.geelongadvertiser.com.au
6	insight.adsrvr.org	4 redirects js.adsrvr.org
6	8228261.fls.doubleclick.net	3 redirects www.geelongadvertiser.com.au
6	www.google.com	1 redirects subscriptions.geelongadvertiser.com.au www.gstatic.com www.google.com www.geelongadvertiser.com.au tpc.googlesyndication.com
5	cm.g.doubleclick.net	4 redirects www.geelongadvertiser.com.au
5	tags.tiqcdn.com	www.geelongadvertiser.com.au subscriptions.geelongadvertiser.com.au tags.tiqcdn.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	x.bidswitch.net	4 redirects
4	js.adsrvr.org	secure-ds.serving-sys.com insight.adsrvr.org
4	www.facebook.com	www.geelongadvertiser.com.au
4	au.pixel.newscgp.com	au.tags.newscgp.com
4	adservice.google.com	securepubads.g.doubleclick.net 8228261.fls.doubleclick.net
4	ib.adnxs.com	2 redirects www.geelongadvertiser.com.au
4	au-script.dotmetrics.net	tags.news.com.au www.geelongadvertiser.com.au au-script.dotmetrics.net
4	pay.google.com	js.stripe.com pay.google.com www.geelongadvertiser.com.au www.gstatic.com
4	login.newscorpaustralia.com	www.geelongadvertiser.com.au login.newscorpaustralia.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	m.stripe.com	m.stripe.network
3	lm.serving-sys.com	secure-ds.serving-sys.com
3	secure.adnxs.com	www.geelongadvertiser.com.au
3	dsum-sec.casalemedia.com	www.geelongadvertiser.com.au js.adsrvr.org
3	cdn-gl.imrworldwide.com	tags.news.com.au cdn-gl.imrworldwide.com
3	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net
2	fonts.gstatic.com	www.google.com
2	www.google.com.au	www.geelongadvertiser.com.au
2	m.stripe.network	js.stripe.com m.stripe.network
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	sync.search.spotxchange.com	1 redirects www.geelongadvertiser.com.au
2	us-u.openx.net	1 redirects www.geelongadvertiser.com.au
2	ping.chartbeat.net	www.geelongadvertiser.com.au
2	pixel.rubiconproject.com	1 redirects www.geelongadvertiser.com.au
2	secure-sdk.imrworldwide.com	www.geelongadvertiser.com.au
2	commerceapi.news.com.au	subscriptions.geelongadvertiser.com.au
2	ps.eyeota.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	metrics.geelongadvertiser.com.au	tags.news.com.au
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	logx.optimizely.com	cdn.optimizely.com
1	au.audience.newscgp.com	au.tags.newscgp.com
1	www.googleadservices.com	www.googletagmanager.com
1	acdn.adnxs.com	www.geelongadvertiser.com.au
1	www.googletagmanager.com	secure-ds.serving-sys.com
1	sync.1rx.io	www.geelongadvertiser.com.au
1	trc.taboola.com	www.geelongadvertiser.com.au
1	image2.pubmatic.com	www.geelongadvertiser.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	mhpyayiqn1hzo3n7ehl5rdesuwt9v1687952842.nuid.imrworldwide.com	www.geelongadvertiser.com.au
1	id5-sync.com	cdn.id5-sync.com
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net	www.geelongadvertiser.com.au
1	usermatch.krxd.net	1 redirects
1	dt.scanscout.com	1 redirects
1	ncg.tags.news.com.au	au.tags.newscgp.com
1	image5.pubmatic.com	www.geelongadvertiser.com.au
1	rm-script.dotmetrics.net	www.geelongadvertiser.com.au
1	d8ede64fb0b4059f92faa47208f01578.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	token.rubiconproject.com	www.geelongadvertiser.com.au
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	merchant-ui-api.stripe.com	js.stripe.com
1	d.turn.com	1 redirects
1	static.chartbeat.com	tags.tiqcdn.com
1	cm.everesttech.net	1 redirects
1	newscorpau.sc.omtrdc.net	tags.news.com.au
1	newscorpau.demdex.net	tags.news.com.au
1	au.tags.newscgp.com	tags.tiqcdn.com
1	pixel.wp.com	www.geelongadvertiser.com.au
1	a20352597942.cdn.optimizely.com	cdn.optimizely.com
1	content.api.news	www.geelongadvertiser.com.au
1	cdn3.optimizely.com	cdn.optimizely.com
1	stats.wp.com	www.geelongadvertiser.com.au
1	cdn.optimizely.com	www.geelongadvertiser.com.au
288	86

This site contains links to these domains. Also see Links.

Domain
www.dailytelegraph.com.au
www.heraldsun.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.ntnews.com.au
www.thechronicle.com.au
www.themercury.com.au
www.townsvillebulletin.com.au
www.theaustralian.com.au
www.news.com.au
preferences.news.com.au

Subject Issuer	Validity	Valid
news.com.au DigiCert TLS RSA SHA256 2020 CA1	`2023-01-15` - `2024-01-14`	a year	crt.sh
dsf.newscorpaustralia.com R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2023-02-26` - `2024-02-28`	a year	crt.sh
subscriptions.news.com.au Amazon RSA 2048 M02	`2023-04-21` - `2024-05-19`	a year	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-06-24` - `2024-07-22`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-05-12` - `2023-08-13`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-07` - `2023-07-06`	3 months	crt.sh
au.tags.newscgp.com Amazon RSA 2048 M01	`2023-02-22` - `2024-01-23`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.dotmetrics.net Amazon RSA 2048 M01	`2023-03-01` - `2023-10-21`	8 months	crt.sh
secure-ds.serving-sys.com R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
metrics.geelongadvertiser.com.au DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-19` - `2024-07-19`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
www.newsconnect.com.au Amazon RSA 2048 M02	`2023-03-10` - `2024-04-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon RSA 2048 M01	`2023-04-12` - `2024-05-10`	a year	crt.sh
bs.serving-sys.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
lm.serving-sys.com Amazon RSA 2048 M01	`2023-02-14` - `2024-02-15`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.google.com.au GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
au.audience.newscgp.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 36 frames:

Primary Page: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
Frame ID: B0829F625272E9479B45CDF5E38147C6
Requests: 95 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: 40C73684C96228425A55B0E749AF9B7F
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=5xwbDRbdzrudqUR24bz_YvnoQtw8_31b&nonce=rkJFNCsBNOeD31KDmwHB-j.58K_6MboR&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMS4wIn0%3D
Frame ID: 119C3EC274902A513DCED474BFA19C5C
Requests: 5 HTTP requests in this frame

Frame: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
Frame ID: 202A308663F0C8F4235EB92B77BA3C4A
Requests: 29 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-5679dc69c45f0f121502d89b62217976.html
Frame ID: 884E22C9CDA439784468C338B0282A1A
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-c468beca5019e1c058b54c075cd15f20.html
Frame ID: 6F83B27BC959A962F2BCD6117A1D576E
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-ab38e0d678531368fb4e43464ab7c2d1.html
Frame ID: 027D8CC478C0FBD6BEDBE0E7D3A52F5E
Requests: 5 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 5410D1B0B482D815C93CB5171B2C314F
Requests: 22 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1687952840736&publicationId=geelongadvertiser.com.au
Frame ID: FAA04716B27ACAC9E4BB57077A16ED31
Requests: 13 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fsubscriptions.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Y3pqbYlN89yCvf0LXQMM6J~mqHR8yfeA&nonce=VJYbCZQibG8bZDqKjkkbLjab_Oa_oTwY&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMS4wIn0%3D
Frame ID: 14240E60BADD1DE598168CADE5A9DF9D
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 79930596FDC5F223505E2DF1A1A9AB77
Requests: 13 HTTP requests in this frame

Frame: https://d8ede64fb0b4059f92faa47208f01578.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0CEE87A9384D88BF0F9A571592F87BD5
Requests: 1 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 530A970FEFCA220150EF76CBB524F2DD
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 34EFCC9A12FD767E221A5E232D1179FC
Requests: 3 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: CA6913A03A242F918693631257F6318D
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-842662438
Frame ID: BF9AE75194C181F9F8C3C1122FC4DE11
Requests: 6 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 0FB7393139A6A93C6F5709FAF8C3E17E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 6E318BAB14ED52B31EDB62629E689746
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CM6rw63y5f8CFQV_fQodd1cNzQ;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89
Frame ID: 4A406E40E3EA7807F151CC3FA1A0A4E4
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLy_w63y5f8CFRQpcgodjxEDgQ;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826
Frame ID: 1D01EA8B6E43E245798BC86B24BB1AA8
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMe3w63y5f8CFUMEgwMdwnEJRw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052
Frame ID: A84CAF4CA843F7A949D06FCD71459E91
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vlKTANZE2uI0B2gw6Pd4TeJQOBQfVU4-~A&gdpr=0
Frame ID: F0A8F816C8DEB4317CD5B15D5F867883
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0
Frame ID: 632BAE179557AD4B88C1616C58AD52E4
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0
Frame ID: 9FA5FBA8CF0A391222137C56A60282BE
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fUC8TAZE2uLEAr9M.OD8DyA4mPbmkGw-~A&gdpr=0
Frame ID: E65391BB570763728C8FD819A20F0023
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 84DD884A19C4FC4FA68EC6855AA01B1D
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=xmwilhl&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&upid=gwdsao6&upv=1.1.0
Frame ID: EEBBD0FBC15EE7EA340CEC73AB0ADA86
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&upid=3ausds4&upv=1.1.0
Frame ID: E56A78430884684326FC0B3DE722E30D
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: FF4580A47A889D5C3576814C3FAC535E
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expiration=1690544845&gdpr=0&gdpr_consent=
Frame ID: 6913E6E7EBA5BA3C4F3EE35E3DCE62F2
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: 87DC81329BC63DC5BA53A2CC1E239E9E
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expiration=1690544844&gdpr=0&gdpr_consent=
Frame ID: F75FBA55B715F641E1F8099B85DB5E78
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0852FFF7C7C0714ABCA105BA174C7E3F
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmdlZWxvbmdhZHZlcnRpc2VyLmNvbS5hdTo0NDM.&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=mf7rlp421dgh
Frame ID: 4ED56110059D104D2E1D661FA9DFF456
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9240079D02C4EE03FB89E74AAA64C764
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E22CC18F02A28E10076FC9554973E161
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Subscribe to the Geelong Advertiser

Page URL History Show full URLs

https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bd... HTTP 302
https://www.geelongadvertiser.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.geelongadvertiser.com.au%2fne... HTTP 302
https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bd... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.a... HTTP 302
https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bd... HTTP 302
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongad... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.a... HTTP 302
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongad... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

288
Requests

89 %
HTTPS

0 %
IPv6

44
Domains

86
Subdomains

69
IPs

8
Countries

4010 kB
Transfer

11870 kB
Size

81
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dailytelegraph.com.au/
Title: dailytelegraph.com.au

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com.au/
Title: heraldsun.com.au

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: couriermail.com.au

Search URL Search Domain Scan URL

URL: https://www.adelaidenow.com.au/
Title: advertiser.com.au

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: cairnspost.com.au

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: goldcoastbulletin.com.au

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: ntnews.com.au

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: thechronicle.com.au

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: themercury.com.au

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: townsvillebulletin.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: theaustralian.com.au

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/privacy
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bdfd570557412730e7c5b3fd534d388e HTTP 302
https://www.geelongadvertiser.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.geelongadvertiser.com.au%2fnews%2fgeelong%2fthomas-hoogstra-pleads-guilty-to-hacking-offences%2fnews-story%2fbdfd570557412730e7c5b3fd534d388e HTTP 302
https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bdfd570557412730e7c5b3fd534d388e HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2fnews%2fgeelong%2fthomas-hoogstra-pleads-guilty-to-hacking-offences%2fnews-story%2fbdfd570557412730e7c5b3fd534d388e&16879528321397922143 HTTP 302
https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bdfd570557412730e7c5b3fd534d388e?nk=e1bea05af7b4d964054353420f5f93aa-1687952833 HTTP 302
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dGAWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3danonymous%26mode%3dpremium&1687952834775398666 HTTP 302
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://cm.everesttech.net/cm/dd?d_uuid=21920557572790878541176898971991034499 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZJwdyQAAAJCZKQM4

Request Chain 101

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1775817129186315206

Request Chain 111

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3594341751515198353

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjE5MjA1NTc1NzI3OTA4Nzg1NDExNzY4OTg5NzE5OTEwMzQ0OTk= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjE5MjA1NTc1NzI3OTA4Nzg1NDExNzY4OTg5NzE5OTEwMzQ0OTk=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIv1TdaZTBBD45I4KXNiNd4&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 126

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=328daa8d-9bac-4f33-bec9-1a16250b4629

Request Chain 150

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZJwdywhXlc0Kmpzu0aOMngAA%264732

Request Chain 151

https://dt.scanscout.com/ssframework/uid?UIAA=21920557572790878541176898971991034499&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-aa6893b3e4b67ccc01e56f7090434218

Request Chain 155

https://ps.eyeota.net/match?bid=6j5b2cv&uid=21920557572790878541176898971991034499&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=21920557572790878541176898971991034499&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 166

https://usermatch.krxd.net/um/v2?partner=adobe&id=21920557572790878541176898971991034499 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=21920557572790878541176898971991034499

Request Chain 197

https://tags.bluekai.com/site/43981?id=21920557572790878541176898971991034499&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wkp3ZHlRQUFBSkNaS1FNNA==

Request Chain 205

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZJwdyQAAAJCZKQM4&expires=90

Request Chain 207

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJwdyQAAAJCZKQM4

Request Chain 209

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZJwdyQAAAJCZKQM4

Request Chain 212

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZJwdyQAAAJCZKQM4 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZJwdyQAAAJCZKQM4

Request Chain 213

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZJwdyQAAAJCZKQM4

Request Chain 214

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZJwdyQAAAJCZKQM4&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZJwdyQAAAJCZKQM4&img=1&__user_check__=1&sync_id=8c7db07b-15a9-11ee-b89a-17819dd40207

Request Chain 215

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZJwdyQAAAJCZKQM4&t=2592000&o=0

Request Chain 223

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CM6rw63y5f8CFQV_fQodd1cNzQ;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89

Request Chain 224

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLy_w63y5f8CFRQpcgodjxEDgQ;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826

Request Chain 225

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMe3w63y5f8CFUMEgwMdwnEJRw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052

Request Chain 226

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:sn89jzz&fmt=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vlKTANZE2uI0B2gw6Pd4TeJQOBQfVU4-~A&gdpr=0

Request Chain 227

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:dc3lunr&fmt=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzI4ZGFhOGQtOWJhYy00ZjMzLWJlYzktMWExNjI1MGI0NjI5&gdpr=0&gdpr_consent=&ttd_tdid=328daa8d-9bac-4f33-bec9-1a16250b4629 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=328daa8d-9bac-4f33-bec9-1a16250b4629&google_gid=CAESEAR3k1Ohlg1eNOsRFttoSBo&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0

Request Chain 228

https://insight.adsrvr.org/track/pxl/?adv=xmwilhl&ct=0:nrubs1l&fmt=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0

Request Chain 229

https://insight.adsrvr.org/track/pxl/?adv=xmwilhl&ct=0:nucu8f9&fmt=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzI4ZGFhOGQtOWJhYy00ZjMzLWJlYzktMWExNjI1MGI0NjI5&gdpr=0&gdpr_consent=&ttd_tdid=328daa8d-9bac-4f33-bec9-1a16250b4629 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=328daa8d-9bac-4f33-bec9-1a16250b4629&google_gid=CAESEAR3k1Ohlg1eNOsRFttoSBo&google_cver=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=328daa8d-9bac-4f33-bec9-1a16250b4629&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fUC8TAZE2uLEAr9M.OD8DyA4mPbmkGw-~A&gdpr=0

Request Chain 251

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

Request Chain 253

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

Request Chain 258

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842662438/?random=71926282&cv=11&fst=1687952845131&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&label=Uj4dCI_J9NgBEKaE6JED&hn=www.googleadservices.com&frm=1&gtm_ee=1&auid=2119483805.1687952845&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=zR2cZNH3DaGQ1Aa1o6KADA&sscte=1&crd=&pscrd=Ek5DaEFJOExUdnBBWVE5LWViX05UNC1kMDZFaVlBNHJtaHd4OWpjQV9GekNfOGdUdEl2Yk9SZUNvX1VwTnpjSFViT19EblZXbnd5Y2RCRVEaWkNoRUk4TFR2cEFZUW4tX1gwT1RuNEtiM0FSSXVBT0JVVU1LU2FWcHZBai14X19PdGRxYjJPWDduek5QX29VV2paN1BYVFkxUU1YN2lYMEc0bjBScThrMUs2dyITCJGS863y5f8CFSEI1QodtZEIwA HTTP 302
https://www.google.com/pagead/1p-conversion/842662438/?random=71926282&cv=11&fst=1687952845131&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&label=Uj4dCI_J9NgBEKaE6JED&hn=www.googleadservices.com&frm=1&gtm_ee=1&auid=2119483805.1687952845&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExUdnBBWVE5LWViX05UNC1kMDZFaVlBNHJtaHd4OWpjQV9GekNfOGdUdEl2Yk9SZUNvX1VwTnpjSFViT19EblZXbnd5Y2RCRVEaWkNoRUk4TFR2cEFZUW4tX1gwT1RuNEtiM0FSSXVBT0JVVU1LU2FWcHZBai14X19PdGRxYjJPWDduek5QX29VV2paN1BYVFkxUU1YN2lYMEc0bjBScThrMUs2dyITCJGS863y5f8CFSEI1QodtZEIwA&is_vtc=1&ocp_id=zR2cZNH3DaGQ1Aa1o6KADA&cid=CAQSKQBygQiDU8tXNYhJBq5HKcwKM-vFTffDeTPsfscmCRx7De6CuEGNr4VQ&random=337069118 HTTP 302
https://www.google.com.au/pagead/1p-conversion/842662438/?random=71926282&cv=11&fst=1687952845131&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&label=Uj4dCI_J9NgBEKaE6JED&hn=www.googleadservices.com&frm=1&gtm_ee=1&auid=2119483805.1687952845&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExUdnBBWVE5LWViX05UNC1kMDZFaVlBNHJtaHd4OWpjQV9GekNfOGdUdEl2Yk9SZUNvX1VwTnpjSFViT19EblZXbnd5Y2RCRVEaWkNoRUk4TFR2cEFZUW4tX1gwT1RuNEtiM0FSSXVBT0JVVU1LU2FWcHZBai14X19PdGRxYjJPWDduek5QX29VV2paN1BYVFkxUU1YN2lYMEc0bjBScThrMUs2dyITCJGS863y5f8CFSEI1QodtZEIwA&is_vtc=1&ocp_id=zR2cZNH3DaGQ1Aa1o6KADA&cid=CAQSKQBygQiDU8tXNYhJBq5HKcwKM-vFTffDeTPsfscmCRx7De6CuEGNr4VQ&random=337069118&ipr=y&ezwbk=AZuM4hAe7yVdlBR0T6UZIjdeY16uUg-ErD_JbARoY-_5eA4B770wnHdRd2XVP4-T_BXxgVBlLqhaP7Ra3lTbipN-XGyP

288 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.geelongadvertiser.com.au/subscribe/news/1/
Redirect Chain

https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bdfd570557412730e7c5b3fd534d388e
https://www.geelongadvertiser.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.geelongadvertiser.com.au%2fnews%2fgeelong%2fthomas-hoogstra-pleads-guilty-to-hacking-offences%2fnews-story%2fbdfd...
https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bdfd570557412730e7c5b3fd534d388e
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2fnews%2fgeelong%2fthomas-hoogstra-pleads-guilty-to-hacking-offences%2fnews-story%2fbdfd570557...
https://www.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story/bdfd570557412730e7c5b3fd534d388e?nk=e1bea05af7b4d964054353420f5f93aa-1687952833
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dGAWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.geelo...
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences...

53 KB
12 KB

1031ms
1031ms

Document
text/html

23.199.76.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.199.76.145 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-76-145.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

b7e7bcc8da113ca329f8422817955a7ba0aedc84152b28962e87c813a5fa2deb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=1200
content-encoding: gzip
content-length: 11174
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:15 GMT
expires: Wed, 28 Jun 2023 12:07:15 GMT
host-header: a9130478a60e5f9135f765b23f26593b
server: nginx
strict-transport-security: max-age=600 ; includeSubDomains
vary: User-Agent Accept-Encoding
x-powered-by: WordPress VIP <https://wpvip.com>
x-robots-tag: noindex, nofollow
x-rq: sin1 123 243 443

Redirect headers

cache-control: max-age=2721
content-length: 154
content-type: text/html
date: Wed, 28 Jun 2023 11:47:14 GMT
etag: "33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server: AkamaiNetStorage

GET
H2 200 /
dsf.newscorpaustralia.com/geelongadvertiser/_static/ 109 KB
16 KB 386ms
93ms Stylesheet
text/css 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJx1kFtqAzEMRTdUj/IgbfNRupTgsUWqVH5gyQmz+yhDMqSQ/hguPod7EVyqoxy4RxQIIhBJFEYu4dcxjc23CUQnxiFRHgx4AzNCyYpZIXVXuR8pC5xQqzdpvRk2j3A4Y46lge9aklelsGBnilhqQ2scO3G8V2IkNWEOAjNkL16W5mXrSSAZ7ZExzVOeQmU/YXOMRx+mP8P/1e3vOb+WbvcJ7EUoOP0xUB7cd/pav39+7Lfb3Wp/BXn5frU=
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e3bcc8ce748dbe1031fe24b4f1b97a05c877c2b3d5aae7543f305a45a7e3c73

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:16 GMT
x-rq: syd1 123 243 443
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 06:25:09 GMT
server: nginx
age: 580
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-length: 15747

GET
H2 200 /
dsf.newscorpaustralia.com/geelongadvertiser/_static/ 318 KB
42 KB 487ms
194ms Stylesheet
text/css 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0249dc43fce5c7506ceb11eb153e85e68153186214ca6d86a73c5d4300e2ecc0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:16 GMT
x-rq: syd1 123 243 443
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 06:25:09 GMT
server: nginx
age: 580
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-length: 42752

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/gea.sops/prod/ 731 B
1 KB 878ms
190ms Script
application/javascript 13.227.254.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.sync.js?ver=6.1.3
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-68.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 467996f832b426866ac703931f2d0c0b0ec2d7d099ce0ace5eaf24fe1b6d40b5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Cq3Hu6R7TY7j_eJDZmij4NUAiCTn.tQP
date: Wed, 28 Jun 2023 11:47:18 GMT
via: 1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 731
last-modified: Tue, 13 Jun 2023 03:12:47 GMT
server: AmazonS3
etag: "703021b6b324ff96fed44f10b5480f53"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: XUHQCWmWo9-i1MwXegrcdpD0mAS4oLard9ym_qCTAC7DkpYgsYhjnQ==

GET
H2 200 rampart.js Show response
www.geelongadvertiser.com.au/remote/identity/rampart/latest/ 289 KB
85 KB 358ms
358ms Script
application/x-javascript 23.199.76.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js?ver=6.1.3

Requested by

Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.199.76.145 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-76-145.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

94c44ff30928aca0de57828e6c4e57a4b38a81ec69eb131952da7bd91133fcc6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security: max-age=600 ; includeSubDomains
content-encoding: gzip
date: Wed, 28 Jun 2023 11:47:17 GMT
server: AkamaiNetStorage
etag: "81ad55416338725f293d9d981baf0374:1687925761.061365"
vary: User-Agent, Accept-Encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type: application/x-javascript
cache-control: max-age=710
expires: Wed, 28 Jun 2023 11:59:07 GMT

GET
H2 200 20352597942.js Show response
cdn.optimizely.com/js/ 312 KB
92 KB 1019ms
426ms Script
text/javascript 184.26.20.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20352597942.js?ver=6.1.3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.26.20.144 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-26-20-144.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

b6d39e820d997f9d76ad33f0796e7ab3ce1cd6d34fb7533ffe1e4123020a468a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.geelongadvertiser.com.au/
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: ZPMMFTlyw.IaPCuo9EIfZ5IqQjGftjqn
content-encoding: gzip
date: Wed, 28 Jun 2023 11:47:16 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 3M805AZ2AD4CVXJG
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1843
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=2, origin; dur=237, cdn;desc="AkamaiION";dur=0,rtt;desc="183";dur=0,cdnip;desc="184.26.20.144";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="468875_1611772943_497962420_23985_2062_183_0_-";dur=1
content-length: 92824
x-amz-id-2: W7P+ZyNQ4d/yHXbxS5T039JAQuJXckn9wwZi+iYXS+DAMpGSNb0cjDqm61ChJTG2R78QCVeh5AI=
last-modified: Tue, 20 Jun 2023 22:25:19 GMT
server: AmazonS3
etag: "6618d6e8bc7605342df20931ba3e40b6"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=0
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 / Show response
dsf.newscorpaustralia.com/geelongadvertiser/_static/ 99 KB
34 KB 558ms
266ms Script
application/javascript 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZhbmRhampuWEWAK/CIio=
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:16 GMT
x-rq: syd1 123 243 443
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 18:26:11 GMT
server: nginx
age: 1449
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-length: 34405

GET
H2 200 extended-access.js Show response
subscriptions.geelongadvertiser.com.au/google-loader/ 296 KB
81 KB 1320ms
614ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/google-loader/extended-access.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

6413cac069da0e1669802c0019821281440e276c252d46ecfa65b41c555742f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:16 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Mon, 05 Jun 2023 03:44:56 GMT
x-amz-cf-pop: SIN5-C1
etag: "2d8c6258c0a02f7f18d2f9cee3941e35"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: taFc9UjclA1Laf4JkYIMuxxqaTwGbth2xgpmIjxySr1YZdG6HSdOLA==
content-length: 82250

GET
H2 200 loader.js Show response
subscriptions.geelongadvertiser.com.au/loader/ 298 KB
88 KB 904ms
199ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/loader/loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

38f8cbb80d5a8a46d1db01f8933a74122429b57173170410ac82861108acc289

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:16 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Thu, 22 Jun 2023 04:22:27 GMT
x-amz-cf-pop: SIN5-C1
etag: "6108a2a2024433b45b5d2e9098a93c18"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: fr-_-Ahe5i6JBU3ejmGYi5xU_kBfnCiHVvQxIxdBOzX_3J2mOL0RlA==
content-length: 90033

GET
H2 200 / Show response
dsf.newscorpaustralia.com/geelongadvertiser/_static/ 97 KB
27 KB 557ms
266ms Script
application/javascript 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/js/dsf-front.build.6f69f8c1.js,/wp-content/themes/dynamic-shopfront/js/navigation.js?m=1687408203j
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 869a72029a522dd22adb931f0510cbf8044b9f27c95cd3d41450cea0707ddba7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:16 GMT
x-rq: syd1 123 242 443
content-encoding: gzip
last-modified: Thu, 22 Jun 2023 04:30:03 GMT
server: nginx
age: 1449
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-length: 27848

GET
H2 200 e-202326.js Show response
stats.wp.com/ 13 KB
4 KB 286ms
93ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202326.js
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nc: HIT syd
date: Wed, 28 Jun 2023 11:47:17 GMT
content-encoding: br
last-modified: Fri, 19 May 2023 01:52:23 GMT
server: nginx
etag: W/"6466d657-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 23 Jun 2024 14:29:59 GMT

GET
H/1.1 200
OK geo4.js Show response
cdn3.optimizely.com/js/ 309 B
791 B 638ms
185ms Script
application/javascript 104.69.168.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo4.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js?ver=6.1.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.69.168.60 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-69-168-60.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3cb89ebea6527df59287bc5d00d249d32042594d113a62049185b76945a6e959

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date: Wed, 28 Jun 2023 11:47:18 GMT
Server: AmazonS3
x-amz-request-id: 2AD34Z4B28XEKWSS
x-amz-server-side-encryption: AES256
ETag: "8777c006589ecabfa3d63a6b5bf24393"
Content-Type: application/javascript
Cache-Control: max-age=31210
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 309
x-amz-id-2: rFEINd11E8snj6xgt9vE7tcCYGTnbyWN9osYIeglCIOTK3jzTAaCku3Eo7KAU++3irrB2GSjjwo=

GET
H2 200 SourceSansPro-Regular.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 83 KB
83 KB 582ms
94ms Font
application/font-woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Regular.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 123 243 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: "63da083e-14aec"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 84716

GET
H2 200 SourceSansPro-SemiBold.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 82 KB
82 KB 582ms
94ms Font
application/font-woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-SemiBold.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 123 242 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: "63da083e-14808"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 83976

GET
H2 200 charter_bold-webfont.woff
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 28 KB
28 KB 583ms
95ms Font
application/font-woff 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/charter_bold-webfont.woff
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8640916aba1207e4fcff9c894252543689989434cd9fc0dabd4cee60b3e763a5

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 123 243 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: "63da083e-6f0c"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 28428

GET
H2 200 we-are-for-you.svg
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 4 KB
2 KB 95ms
94ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/we-are-for-you.svg
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 86e8ed098febe4691b72980ac9bb22f6370cd6fb7fd50f2fc3ca41f5a24c6ed7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:17 GMT
content-encoding: gzip
x-rq: syd1 123 242 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: W/"63da083e-1177"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000

GET
H2 200 logo.svg
dsf.newscorpaustralia.com/geelongadvertiser/wp-content/plugins/dynamic-shop-front/assets/mastheads/identity/images/geelongadvertiser/ 7 KB
3 KB 95ms
94ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/wp-content/plugins/dynamic-shop-front/assets/mastheads/identity/images/geelongadvertiser/logo.svg
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ce0521f284da500d2370fa55cb67572b396580e84c0a5a5c3a9513c1928ee665

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:17 GMT
content-encoding: gzip
x-rq: syd1 123 242 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: W/"63da083e-1a23"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000

GET
H2 200 avatar.svg
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 264 B
323 B 95ms
95ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/avatar.svg
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e30565d344697a80f05882c11755c6d6a71626791bbc124df343b5edc7901312

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:17 GMT
x-rq: syd1 123 243 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: "63da083e-108"
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 264

GET
H2 200 52f9dea7dba6893b2ce39556038a0d29
content.api.news/v3/images/bin/ 11 KB
11 KB 1008ms
966ms Image
image/jpeg 23.199.76.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/52f9dea7dba6893b2ce39556038a0d29?width=320
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.199.76.145 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-76-145.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: bc16fd291c9404dea4228fdbe95fa02b712fb35e3c2c0ffcf9a6005de7371d01

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-check-cacheable: YES
edge-cache-tag: 52f9dea7dba6893b2ce39556038a0d29
content-length: 11281
last-modified: Mon, 19 Jun 2023 09:08:28 GMT
server: Akamai Image Manager
x-serial: 1728
etag: 4383a00ab7716321abb3e7432fbd5a0e-52f9dea7dba6893b2ce39556038a0d29-320
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=4396923
x-o: CF
access-control-allow-headers: x-newsapi-api-key
expires: Fri, 18 Aug 2023 09:09:21 GMT

GET
H2 200 a20352597942.html Show response
a20352597942.cdn.optimizely.com/client_storage/ Frame 40C7 2 KB
2 KB 686ms
232ms Document
text/html 23.56.28.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js?ver=6.1.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.56.28.14 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-28-14.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

443e120db57ab3dfcd9c87b05caf487840d2629f175dd8fd53d26718a5dae940

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 885
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:47:18 GMT
etag: "e864c501575422757dd871aceb48ac8f"
last-modified: Tue, 20 Jun 2023 22:25:11 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="216";dur=0,cdnip;desc="23.56.28.14";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="468875_388706581_351728122_28_1722_216_0_-";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: m2ueYWIeX0IVb9VIPitPMTiouF1Ai6yeKg5ePK8DMqcPPbclUw38zXY54bIzMVZ4AEb5Ed2P5uk=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: KG4MG1RYW7T6TA6S
x-amz-server-side-encryption: AES256
x-amz-version-id: MwzuPzPp3.BIQPsKftwaL61Yf9O88gMh

GET
H2 200 icon-faq-plus.png
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 466 B
542 B 94ms
93ms Image
image/png 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/icon-faq-plus.png
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 123 242 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: "63da083e-1d2"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 466

GET
H2 200 charter_italic-webfont.woff
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 29 KB
29 KB 552ms
95ms Font
application/font-woff 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/charter_italic-webfont.woff
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fc8a6e495e7cd447608aea7e0cd59b0e79bd4e74822d428c53880ac0db6c469

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 123 242 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: "63da083e-72d4"
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29396

GET
H2 200 SourceSansPro-Italic.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 35 KB
35 KB 552ms
95ms Font
application/font-woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Italic.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c33c60d014227b42c513820e6d750cced736cda305beb7d6a20e35afe502648c

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 123 242 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: "63da083e-8aa8"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35496

GET
H2 200 SourceSansPro-Bold.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 82 KB
82 KB 551ms
95ms Font
application/font-woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Bold.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljlsOgjAQRTdkOzwFPoxrKWWklbY0zBDT3VuJJho/7+PkXnhEodfAGBii22cbCKYUlLdakFmjuG05BUWEnBNLDJoIRrfqJWtlXWJ0OG8qGji6suirphuLFhuZqyf4WmCDHn8HDkZoY90ExMnhH+R38Xl2R45KL6KsZHX8eBsv5uov5bnvhrpui+EJ4PlN3Q==
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 123 243 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: "63da083e-1460c"
x-cache: HIT
content-type: application/font-woff2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 83468

GET
H2 200 Masthead-Digital.png
dsf.newscorpaustralia.com/geelongadvertiser/wp-content/uploads/sites/71/2021/05/ 1 KB
1 KB 95ms
94ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/wp-content/uploads/sites/71/2021/05/Masthead-Digital.png?w=251
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:17 GMT
x-rq: syd1 115 147 443
last-modified: Mon, 08 May 2023 14:19:59 GMT
server: nginx
etag: "9067b2ddacda1489"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1038

GET
H2 200 icon-premium.png
dsf.newscorpaustralia.com/central/wp-content/uploads/sites/8/2021/05/ 286 B
358 B 94ms
94ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/central/wp-content/uploads/sites/8/2021/05/icon-premium.png?w=22
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2de22d2cce6ccf2563f2b8f8ebf6840fcb0915a8fbe0d3e88a4321b8d0b6b8ea

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 115 147 443
last-modified: Mon, 08 May 2023 14:16:46 GMT
server: nginx
etag: "4d4012dd6b2bfff4"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 286

GET
H2 200 Masthead-Digital.png
dsf.newscorpaustralia.com/geelongadvertiser/wp-content/uploads/sites/71/2021/05/ 1 KB
1 KB 93ms
93ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/wp-content/uploads/sites/71/2021/05/Masthead-Digital.png
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 115 147 443
last-modified: Mon, 08 May 2023 14:17:52 GMT
server: nginx
etag: "07b7a8f3c68f6bc2"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1038

GET
H2 200 icon-phone.png
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 337 B
382 B 94ms
93ms Image
image/png 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/icon-phone.png
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e1a4f2c605f26bcf80a2cd8e5d48e887c2062a53cd1d993cb05250223e386a6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
x-rq: syd1 123 242 443
last-modified: Wed, 01 Feb 2023 06:35:42 GMT
server: nginx
etag: "63da083e-151"
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 337

GET
H2 200 SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ 2 KB
2 KB 660ms
186ms Stylesheet
text/css 13.35.8.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-115.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 20:04:39 GMT
x-amz-version-id: BU9pslV_1tk2oM9KNiljnrkOp3wYAVog
via: 1.1 6e4552eff3e310bad9fd1a8c14b867d8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 56560
etag: "2a13a755f725cea2c202bc30af451d10"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2173
x-amz-cf-id: tVINDK6FijIBAieQn9MSQDAZieCC1v22ugYuxudj1BRvaJ2q1W4sPQ==

GET
H2 200 Charter.css
subscriptions.news.com.au/media/fonts/Charter/ 2 KB
2 KB 664ms
190ms Stylesheet
text/css 13.35.8.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-115.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 78tZPx9F6ldnoT3vI7OxzT3AZa.JXQqe
date: Tue, 27 Jun 2023 12:48:45 GMT
via: 1.1 6e4552eff3e310bad9fd1a8c14b867d8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:10 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 82714
etag: "9d796e9621f8bd2ea24552819973cb20"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1635
x-amz-cf-id: Q3eTL9wdJfwsySFYwKdNpGUUVdtB-jX1et-zseQdLWovhAff8BIlPw==

GET
H2 200 adobe_visitor.js Show response
tags.news.com.au/prod/visitor/ 60 KB
20 KB 189ms
189ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.sync.js?ver=6.1.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:18 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "762b36524699d0c801c527b6e71f35e4:1593471758.804374"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=67641
content-length: 19871

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 97ms
93ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=194448607&post=5&tz=10&srv=dsf.newscorpaustralia.com&hp=vip&j=1%3A12.2.1&host=www.geelongadvertiser.com.au&ref=&fcp=6588&rand=0.4299456150336798
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 11:47:18 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 119C 2 KB
4 KB 480ms
409ms Document
text/html 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=5xwbDRbdzrudqUR24bz_YvnoQtw8_31b&nonce=rkJFNCsBNOeD31KDmwHB-j.58K_6MboR&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMS4wIn0%3D

Requested by

Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js?ver=6.1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

85f98bbe7801acdcc2abc2fedbccd78dfb17a2ea1bcc7666b84b19e3fbffae58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7de5b1b8ca8e4637-SIN
content-encoding: gzip
content-length: 935
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type: text/html;charset=UTF-8
date: Wed, 28 Jun 2023 11:47:18 GMT
expires: Wed, 28 Jun 2023 11:47:18 GMT
ot-baggage-auth0-request-id: 7de5b1b8ca8e4637
ot-tracer-sampled: true
ot-tracer-spanid: 2884a0963f3e2d94
ot-tracer-traceid: 42dafa3621012bf3
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-000000000000000042dafa3621012bf3-2884a0963f3e2d94-01
tracestate: auth0-request-id=7de5b1b8ca8e4637,auth0=true
vary: Accept-Encoding
x-akamai-transformed: 9 580 0 pmb=mTOE,4
x-auth0-requestid: c6b156f76d9084e89855
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1687952839

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
373 B 1402ms
296ms XHR
text/plain 54.156.85.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js?ver=6.1.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.85.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-85-3.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 28 Jun 2023 11:47:19 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: e5dcb09b-5d3e-4079-af2c-edc7b60c0831

POST
H2 404 csp-reports
login.newscorpaustralia.com/ 0
0 795ms
237ms Other
text/plain 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/csp-reports
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a118-215-80-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

GET 3ef653f0
login.newscorpaustralia.com/akam/13/ Frame 119C 0
0

GET Nkc
login.newscorpaustralia.com/vQ8OudVfXNsH/ly/0vuPz-3oIw/EDkYfmLSQL/R3weTgo7RAE/LT1OO2pt/ Frame 119C 0
0

GET sec-3-10.css
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 119C 0
0

GET sec-cpt-3-10.js
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 119C 0
0

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/gea.sops/prod/ 53 KB
14 KB 199ms
199ms Script
application/javascript 13.227.254.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Requested by: Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/loader/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-68.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e0b9a89afe3dd2614cafd6a2e3b7706d3e5de745b63f9f23943f144636ba091

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 5tSFpIhfSHQJYDr39hgdZvN9nKX3hKAi
content-encoding: br
via: 1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 11:47:18 GMT
last-modified: Tue, 13 Jun 2023 03:12:46 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 184
x-amz-server-side-encryption: AES256
etag: W/"efde0199fabbf2753fb0e0781d02a856"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: YebKYsf7o5Q_cdeH0Nvcdxp6jUU3PzN83o_elBr0Fx1Uoha1-GoY1Q==

GET
H2 200 index.html Show response
subscriptions.geelongadvertiser.com.au/caas/ Frame 202A 764 B
1 KB 231ms
231ms Document
text/html 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/loader/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

99d2287c16562d07428c6d124092ef22641b17a710056952748685b7f9c510d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store
content-length: 764
content-type: text/html
date: Wed, 28 Jun 2023 11:47:18 GMT
etag: "1e2f0f944690d90a1169e255dd2c9311"
expires: Wed, 28 Jun 2023 11:47:18 GMT
last-modified: Wed, 21 Jun 2023 04:59:05 GMT
pragma: no-cache
strict-transport-security: max-age=600
x-amz-cf-id: 6j-zjaYw-V9GKj5GAUoOOThM1Prot2i4itBQRxx8pmcAB139es_ncQ==
x-amz-cf-pop: SIN5-C1
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
js.stripe.com/v3/ 501 KB
124 KB 683ms
222ms Script
text/javascript 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/loader/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e806b3fac51d7b2385800138a607e25371e6681a4dc69a1d8d3c1365e5ac002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 11:46:52 GMT
via: 1.1 d0df64d562de4c38403b4237a12e579a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 28
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 22:35:17 GMT
server: Cloudfront
etag: W/"6e75c119aba322f560570275f3b80c99"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: Y3Ov7XZEt4ttuagTKcPqY3Lfs2kp0SLhQOpVDrbPE2KE_gcneynPfg==

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 201 KB
58 KB 892ms
202ms Script
text/javascript 74.125.24.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/google-loader/extended-access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f139.1e100.net

Software

sffe /

Resource Hash

e7ed634b4a0338b5830e7f7ef9a8e0203d67a4bf29b0f84f804e8e109c49e669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59406
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 16:43:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 12:31:11 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 993ms
249ms XHR
application/json 52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1687952838978

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

f14fa1d73924280a47b4eea60c76bc64b80718f914c92c88386a380e60b492b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-1-v045-0e90fdf22.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: yMmvcZicTW8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1571
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 800ms
800ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16879528390600.6449077825244289
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:20 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
content-length: 833
expires: Wed, 28 Jun 2023 11:47:20 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
896 B 795ms
795ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 28 Jun 2023 11:47:20 GMT
cache-control: max-age=69784
server: AkamaiNetStorage
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 112 KB
34 KB 797ms
796ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 17246ea215393ee3bdba7cc5399b50dba6e05d9bba09e97b3fdb9d02a3415d37

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:20 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "e08a8fa24aafa0a53442beb99b4b2b44:1687412575.407561"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=69272
content-length: 34337

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 1283ms
203ms Script
text/javascript 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

cafe /

Resource Hash

fc36d166fe50568c25465a70f43155b620c9088ba6b79e3312edda1ff5f88576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25987
x-xss-protection: 0
server: cafe
etag: 472 / 19536 / 31075705 / config-hash: 13728557897118412599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 11:47:21 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 184 KB
62 KB 935ms
935ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d37c7ee32af1f07dbf22ab0a2e4c53707def7054bb4985ea89ca67db673106d8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:20 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "9938de9a553db5cf37904650f464cae7:1686023784.556489"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=69838

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 25 KB
10 KB 832ms
831ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:20 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=67938
content-length: 9840

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 170 KB
47 KB 1202ms
185ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 11:47:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46730
x-xss-protection: 0
pragma: public
x-fb-debug: AwTeoDCDyhLehHaD6jPgEeWUXUxfzAfl2Pn7NURIMkJl445kcHDW1kHu9stFbszAR8bWSTG2WvUQrzu98aaKyQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 617ms
211ms Script
text/javascript 18.155.68.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-27.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 11:02:05 GMT
Content-Encoding: gzip
Via: 1.1 bf928fe3a859cf8cab4cd81be24e61de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN52-P1
Age: 2716
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 May 2023 02:16:02 GMT
Server: AmazonS3
ETag: W/"d9de38d1900dec018a46f90cc70a48b7"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
X-Amz-Cf-Id: SBk6BFvA54R6SNCASAbKEFynF8ysDKCoSh9w5_Qd93oWLEekIYi9JQ==

GET
H2 200 nca_ipsos.js Show response
tags.news.com.au/prod/ipsos/ 26 KB
6 KB 187ms
187ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7f3c6b58f7c57e2b2b1bb8e49260fe50e7366d3eadebc1414f53fb6c7854d9b2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "83e3b56b9ff0bdc4a86e195e823387bf:1677561534.235209"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=72531
content-length: 6160

GET
H2 200 utag.502.js Show response
tags.tiqcdn.com/utag/newsltd/gea.sops/prod/ 2 KB
1 KB 195ms
194ms Script
application/javascript 13.227.254.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.502.js?utv=ut4.46.201909030147
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-68.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 046302b18b5e0963dac00fc3c90983976ccda694439ba396ad46f3348cf64164

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 3ugs9mPEaLqHmyvQ4Z3nvWiQY5aaC4et
content-encoding: br
via: 1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 11:47:21 GMT
last-modified: Tue, 13 Jun 2023 03:12:46 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 186
x-amz-server-side-encryption: AES256
etag: W/"e1bb1636a62faa4eae92fe097c92173e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: HIX-lV777zZP4Pa9AQiN4vvm4a3YQAfrZIs6-nRQkJ5J6c3A2PI27Q==

GET
H2 200 utag.617.js Show response
tags.tiqcdn.com/utag/newsltd/gea.sops/prod/ 5 KB
2 KB 190ms
190ms Script
application/javascript 13.227.254.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.617.js?utv=ut4.46.202306130312
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-68.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc9c14ba67baab831cbb7cf116c4139fa310a75d5bd61c2f159e51aa8147a158

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 7Uh6OJ29ruFxtbwv_efadG6ZbKrv.CfH
content-encoding: gzip
via: 1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 11:47:21 GMT
last-modified: Tue, 13 Jun 2023 03:12:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 186
x-amz-server-side-encryption: AES256
etag: W/"abe910fe108b6bae46020a8906d38aca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: z_L5jMxys-VMPxMsfKOFQWkMgvh7xoKhUjJ9qwSGM51aqR3nJgdijQ==

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ Frame 202A 21 KB
7 KB 705ms
188ms Stylesheet
text/css 74.125.24.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f139.1e100.net

Software

sffe /

Resource Hash

2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6456
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 12:27:14 GMT

GET
H2 200 runtime~main.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/ Frame 202A 4 KB
2 KB 216ms
216ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/runtime~main.js?7f88ebf276e14bb86cac

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

5786f36080159617f8c32ffb4343cb7d99ff62b2bf89033c131961460dbea7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:19 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:05 GMT
x-amz-cf-pop: SIN5-C1
etag: "a8c1aa37853f62fd2f1beba5484bc08c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: 5Sa-a8AGHqr-DS32uaCIaeDqN7hlq86ziQCe-Y6vVPL7EkYst77-9Q==
content-length: 1886

GET
H2 200 142.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/ Frame 202A 220 KB
71 KB 212ms
211ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/142.js?7f88ebf276e14bb86cac

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

c19d723c5ff7387f5246c144c11cff050cd9dd2f9eab1bdc6fedf59abbf1a406

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:19 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "faca3e951acddb8e8853fe117c6cbfd7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: TKVLVFcA71sqgoYc1dFyNYeTgtJokW-Xd7YW1cTOf_Mij4-VPXoxHA==
content-length: 72463

GET
H2 200 920.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/ Frame 202A 205 KB
40 KB 213ms
212ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/920.js?7f88ebf276e14bb86cac

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

4fbafbff8042949827075c2bbb0b18df9a4f15582c1de42c204a5f9b5d3d5b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:19 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "ffe74ba8372af9608d9f142b8d094541"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: uHiJHeGpBtyeQqj63SRZ10SU8BMJN7jxbJNHCOw8XqaELVdzUHGqeg==
content-length: 41032

GET
H2 200 main.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/ Frame 202A 13 KB
5 KB 295ms
294ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/main.js?7f88ebf276e14bb86cac

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

74a81037f2e748acf1b5bd10fbd4fc8d06429c175036f1357b46efa600fa8573

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:19 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "29491afbc9ce7310137a2d7cd79a2fe9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: zooZgsp5jDb1hmrdw3E3a6QGnqJ4MDu7Ks8f4oyob_7i6-OAaOxYsA==
content-length: 5013

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
373 B 391ms
286ms XHR
text/plain 54.156.85.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js?ver=6.1.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.85.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-85-3.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 28 Jun 2023 11:47:19 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 2c8f071f-0832-42bb-bd2d-a56de4be35b4

GET
H2 200 SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 202A 2 KB
2 KB 191ms
190ms Stylesheet
text/css 13.35.8.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-115.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 20:04:39 GMT
x-amz-version-id: BU9pslV_1tk2oM9KNiljnrkOp3wYAVog
via: 1.1 6e4552eff3e310bad9fd1a8c14b867d8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 56561
etag: "2a13a755f725cea2c202bc30af451d10"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2173
x-amz-cf-id: SxYpP15T7Vzgv5rGmJv_aaJ3vBh3xY82cnr5jxe0ESjGCPAs2N9QJw==

GET
H2 200 Charter.css
subscriptions.news.com.au/media/fonts/Charter/ Frame 202A 2 KB
2 KB 197ms
196ms Stylesheet
text/css 13.35.8.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-115.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 78tZPx9F6ldnoT3vI7OxzT3AZa.JXQqe
date: Tue, 27 Jun 2023 12:48:45 GMT
via: 1.1 6e4552eff3e310bad9fd1a8c14b867d8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:10 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 82715
etag: "9d796e9621f8bd2ea24552819973cb20"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1635
x-amz-cf-id: osGMvtS1KkOSDZwfjlvR7rQOFVL4fwE_CoFXz9HEKaZlZmaat1DrjA==

GET
H2 200 env.json Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/config/ Frame 202A 1 KB
1 KB 196ms
196ms XHR
application/json 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/config/env.json

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/142.js?7f88ebf276e14bb86cac

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ac972a09f7caaa1a2405c1ff7939e29b552d5f4f72c32886f32ce7df302344d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Accept: application/json, text/plain, */*
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:19 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "8429c17b53e4b8346af9123c7d21ce16"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: MsBHOWiv37ByzxxmO5FFtdUKz3W-61-t5hJlrJK8A7PNgwXWD2jYuA==
content-length: 765
expires: Wed, 28 Jun 2023 11:47:19 GMT

GET
H2 200 controller-5679dc69c45f0f121502d89b62217976.html Show response
js.stripe.com/v3/ Frame 884E 325 B
1 KB 770ms
770ms Document
text/html 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-5679dc69c45f0f121502d89b62217976.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b7e7abd80685057cef3e9e61adc238859c60327aecb2e2988de81b5b4899b442

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 40
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:46:40 GMT
etag: "5679dc69c45f0f121502d89b62217976"
last-modified: Tue, 27 Jun 2023 22:04:19 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d0df64d562de4c38403b4237a12e579a.cloudfront.net (CloudFront)
x-amz-cf-id: dtsgxSlwdAtlB97j_AFC7xBygQE8CRYFfLhghQnX13FefLzStxbMrg==
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-c468beca5019e1c058b54c075cd15f20.html Show response
js.stripe.com/v3/ Frame 6F83 408 B
1 KB 767ms
766ms Document
text/html 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-c468beca5019e1c058b54c075cd15f20.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ec0295731deaba2b5676eea7961d5eacccd1183d74d6cb0bfef234533394e814

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1145
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:32:13 GMT
etag: "c468beca5019e1c058b54c075cd15f20"
last-modified: Tue, 27 Jun 2023 22:04:34 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d0df64d562de4c38403b4237a12e579a.cloudfront.net (CloudFront)
x-amz-cf-id: Fp3RpS_F0KCm4EppZOELXJL6dCf1IV1TUxMM5ihqDguqamgrgwO_Ig==
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-ab38e0d678531368fb4e43464ab7c2d1.html Show response
js.stripe.com/v3/ Frame 027D 344 B
2 KB 766ms
765ms Document
text/html 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-ab38e0d678531368fb4e43464ab7c2d1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1d163cf98f60f11187b2070592f20aae9a224dbf1be20175016cf24ebeabb60b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 24
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:46:58 GMT
etag: "ab38e0d678531368fb4e43464ab7c2d1"
last-modified: Tue, 27 Jun 2023 22:04:34 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d0df64d562de4c38403b4237a12e579a.cloudfront.net (CloudFront)
x-amz-cf-id: WAcJee6fs91B2uRPRbXxV9x2sjmGJyAesZ2epiJ7PgXHodVU8X9Z9g==
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame 5410 7 KB
3 KB 1632ms
246ms Document
text/html 52.88.112.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.112.86 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-112-86.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-1-v045-01cf53ec0.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: diiWGHavQ4s=
content-encoding: gzip
date: Wed, 28 Jun 2023 11:47:21 GMT
last-modified: Wed, 14 Jun 2023 09:39:32 GMT
vary: accept-encoding

GET
H2 200 id Show response
newscorpau.sc.omtrdc.net/ 2 B
276 B 1394ms
248ms XHR
application/x-javascript 63.140.36.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.sc.omtrdc.net/id?d_visid_ver=4.5.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=21896492169389091721179276958315256729&ts=1687952839980

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-130.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.geelongadvertiser.com.au
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZJwdyQAAAJCZKQM4
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=21920557572790878541176898971991034499
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZJwdyQAAAJCZKQM4

42 B
942 B

249ms
249ms

Image
image/gif

52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZJwdyQAAAJCZKQM4

Requested by

Protocol

HTTP/1.1

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v045-0e103db9b.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fIo7LzV3S70=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZJwdyQAAAJCZKQM4
Date: Wed, 28 Jun 2023 11:47:21 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 rampart.js Show response
www.geelongadvertiser.com.au/remote/identity/rampart/latest/ Frame 202A 289 KB
85 KB 887ms
886ms Script
application/x-javascript 23.199.76.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/main.js?7f88ebf276e14bb86cac

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.199.76.145 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-76-145.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

94c44ff30928aca0de57828e6c4e57a4b38a81ec69eb131952da7bd91133fcc6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security: max-age=600 ; includeSubDomains
content-encoding: gzip
date: Wed, 28 Jun 2023 11:47:20 GMT
server: AkamaiNetStorage
etag: "81ad55416338725f293d9d981baf0374:1687925761.061365"
vary: User-Agent, Accept-Encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type: application/x-javascript
cache-control: max-age=833
expires: Wed, 28 Jun 2023 12:01:13 GMT

GET
H3 200 shared-80a7ba695fc9e1b270b8af55ac699fea.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 884E 505 KB
123 KB 192ms
190ms Script
text/javascript 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-5679dc69c45f0f121502d89b62217976.html

Protocol

Security

QUIC, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2c92818a99667058511b645d2829349b06e287a27cd0e141c6ed9e5d87ebf1b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-5679dc69c45f0f121502d89b62217976.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 11:07:28 GMT
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
age: 2396
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 22:04:32 GMT
server: Cloudfront
etag: W/"09523981e84c29f38a13b6362d718ac9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7vYUe_lvaBzbLdeKDknZWnhO_ho4xg9flgtk7wKNq4I36rUuYChUoA==

GET
H3 200 controller-0abc444125c49d7116725c90c3a54094.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 884E 483 KB
130 KB 209ms
207ms Script
text/javascript 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-0abc444125c49d7116725c90c3a54094.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-5679dc69c45f0f121502d89b62217976.html

Protocol

Security

QUIC, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bc2c3bc4253b185c7e94f5c88f0e723e6827c3426e3b38d8ba46deeb4a83375b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-5679dc69c45f0f121502d89b62217976.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 11:00:53 GMT
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
age: 2789
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 17:17:03 GMT
server: Cloudfront
etag: W/"c00f4a01608794eeecd9aed90366dd52"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8zxuInkqDsd_j4co4oRd7hmEzVdKC4zZSfhPOEROiQ4wcESVAhAvgQ==

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 187ms
186ms Stylesheet
text/css 74.125.24.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f139.1e100.net

Software

sffe /

Resource Hash

2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6456
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 12:27:14 GMT

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 187ms
186ms Other
image/svg+xml 74.125.24.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f139.1e100.net

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 12:35:11 GMT

GET
H2 200 serviceiframe Show response
news.google.com/swg/ui/v1/ Frame FAA0 16 KB
8 KB 215ms
214ms Document
text/html 74.125.24.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=1687952840736&publicationId=geelongadvertiser.com.au

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f139.1e100.net

Software

ESF /

Resource Hash

a7c251a7bbe0a1eec80eb286d147f047bc072bf4e0b214de93350644353cf87e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ezqR8_Pl3amTp8YTk4WLVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ezqR8_Pl3amTp8YTk4WLVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Wed, 28 Jun 2023 11:47:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 6F83 117 KB
36 KB 924ms
246ms Script
application/javascript 172.217.194.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-c468beca5019e1c058b54c075cd15f20.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f92.1e100.net

Software

ESF /

Resource Hash

19a0f014c0d3edf26067c94da12902d1d211cbdfbf242cba8112f60163e15e99

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-f-kxPBRyYAwFikRgmFR1xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-f-kxPBRyYAwFikRgmFR1xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 28 Jun 2023 11:47:21 GMT

GET
H3 200 shared-80a7ba695fc9e1b270b8af55ac699fea.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6F83 505 KB
123 KB 213ms
213ms Script
text/javascript 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-c468beca5019e1c058b54c075cd15f20.html

Protocol

Security

QUIC, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2c92818a99667058511b645d2829349b06e287a27cd0e141c6ed9e5d87ebf1b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-c468beca5019e1c058b54c075cd15f20.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 11:07:28 GMT
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
age: 2396
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 22:04:32 GMT
server: Cloudfront
etag: W/"09523981e84c29f38a13b6362d718ac9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kRVQ5lapt7poVV1a3MgtzD4TfNzu0KOXfjB7wKnn5AlDlBoccZIHkw==

GET
H3 200 payment-request-inner-google-pay-d5ae09e568687f3ac949779a18dedf76.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6F83 10 KB
4 KB 189ms
189ms Script
text/javascript 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d5ae09e568687f3ac949779a18dedf76.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-c468beca5019e1c058b54c075cd15f20.html

Protocol

Security

QUIC, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eb9373e8759934d7c7979814271bd17d1f6578a0e26f322e1645a571bfba59e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-c468beca5019e1c058b54c075cd15f20.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 11:12:18 GMT
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
age: 2181
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Jun 2023 17:02:54 GMT
server: Cloudfront
etag: W/"daca076a85a1436d93c64e90a61882fc"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: nv5S3XfjqodYXDC0IIdw7LeXyeYFGtGhBLJgQGR_xDjPv5ENPGQrGQ==

GET
H3 200 shared-80a7ba695fc9e1b270b8af55ac699fea.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 027D 505 KB
123 KB 219ms
219ms Script
text/javascript 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ab38e0d678531368fb4e43464ab7c2d1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2c92818a99667058511b645d2829349b06e287a27cd0e141c6ed9e5d87ebf1b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ab38e0d678531368fb4e43464ab7c2d1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 11:07:28 GMT
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
age: 2396
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Jun 2023 22:04:32 GMT
server: Cloudfront
etag: W/"09523981e84c29f38a13b6362d718ac9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wIH76Qi4Qu1OXMdrPZGKZM5pY-xppYtX2Xz_Lzx9WxAm6QUOSXLyYg==

GET
H3 200 payment-request-inner-browser-60213628200f3cf52c380275976f0441.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 027D 12 KB
5 KB 227ms
227ms Script
text/javascript 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-60213628200f3cf52c380275976f0441.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ab38e0d678531368fb4e43464ab7c2d1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c90b93aefe3e302d14ecadafe3f8aa45b5f90db60d0d763d05650d205f518200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ab38e0d678531368fb4e43464ab7c2d1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 11:05:42 GMT
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
age: 2606
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 23 Jun 2023 21:23:02 GMT
server: Cloudfront
etag: W/"7d273750df5052a69a1190dbf1228b5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: e607BwMM3sLrX5-YjdfvLRiyVNGywjj9pLNqLX_e-kUfusBq1X3Jcw==

GET
H2 200 article Show response
news.google.com/swg/_/api/v1/publication/geelongadvertiser.com.au/ 347 B
626 B 227ms
226ms Fetch
application/json 74.125.24.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/geelongadvertiser.com.au/article

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f139.1e100.net

Software

ESF /

Resource Hash

b6d16eb993186a6c87efd46863d85ba59395d395b0f1199dc83e101345d0af63

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 P9639CC51-2F11-48E8-B888-393496680A12.js Show response
cdn-gl.imrworldwide.com/conf/ 31 KB
7 KB 900ms
203ms Script
application/javascript 13.224.249.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P9639CC51-2F11-48E8-B888-393496680A12.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-23.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23986d947e8adcb2664cdf17bebb05193b4303a8b94e313a0ed504cb0dc6a63e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: BH5ar1QT9YgHUGVYGc89tpUgetiYMlg2
content-encoding: gzip
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 11:47:22 GMT
last-modified: Wed, 28 Jun 2023 01:18:06 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 1031
x-amz-server-side-encryption: AES256
etag: W/"6792b2eeb3802fb8cf5a1a8785cbbbe4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-id: ucVT5vhFShuvFQJhItSldlNM2OY4x4ceSzJq1lmb9V8TXeipq2FJnQ==

POST
H2 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame FAA0 0
206 B 202ms
201ms Other
text/html 74.125.24.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BiwzHy9LHdGQlCvIndcDKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-BiwzHy9LHdGQlCvIndcDKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L.B1.O/am=oDkD/d=1/ed=1/rs=ABXTjI6NmDAdMJycA0tx8RAVSC976-i6Kg/ Frame FAA0 532 B
980 B 865ms
186ms Stylesheet
text/css 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L.B1.O/am=oDkD/d=1/ed=1/rs=ABXTjI6NmDAdMJycA0tx8RAVSC976-i6Kg/m=serviceiframeview,_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1687952840736&publicationId=geelongadvertiser.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

e6d1acc43378dff625c02b13b7c50fe30f6b11107795c794939c145f300264dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 323
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 02:49:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/css; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 19:10:10 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/am=oDkD/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs... Frame FAA0 201 KB
71 KB 858ms
187ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/am=oDkD/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5_dxiLyI5X_Mz1gaQYdlgeRoD5ig/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1687952840736&publicationId=geelongadvertiser.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

8773eb198832002e4da0ff547d55965390ad80561efedde2e284c4b96fa5455c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72729
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 06:50:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:31:28 GMT

GET
H2 200 messages Show response
dsf.newscorpaustralia.com/dailytelegraph/wp-json/dsf-api/ Frame 202A 6 KB
2 KB 103ms
103ms XHR
application/json 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://dsf.newscorpaustralia.com/dailytelegraph/wp-json/dsf-api/messages

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/142.js?7f88ebf276e14bb86cac

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

56bc687b2a58d0145a7ab051dba9a1c8d64ff4bc048122726ed0960686e6d2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://subscriptions.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
x-cache: hit
content-length: 1418
x-rq: syd1 123 242 443
server: nginx
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://subscriptions.geelongadvertiser.com.au
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=60
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex
link: <https://dsf.newscorpaustralia.com/dailytelegraph/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 door.js Show response
au-script.dotmetrics.net/ 10 KB
4 KB 679ms
281ms Script
application/javascript 54.192.150.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/door.js?id=13075
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-56.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: 066e3f02735a1b050b4b530000e01009c051d86946593da9febd16a871eb3756

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
content-encoding: br
via: 1.1 988e86815669491446c291c607aeb5e8.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "13075...226.2023062811"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: application/javascript
cache-control: private
x-amz-cf-id: B3Q8Q8Gz-KxRW1sX4cNSxyMpMZvE0-Ai9elfMe2SJJhr4iIg3u8Gdw==

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 1424 2 KB
4 KB 424ms
423ms Document
text/html 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fsubscriptions.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Y3pqbYlN89yCvf0LXQMM6J~mqHR8yfeA&nonce=VJYbCZQibG8bZDqKjkkbLjab_Oa_oTwY&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMS4wIn0%3D

Requested by

Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

5e84552da3b262e6b9dc31b4477247fabcabc60258b35f37b5016524ac68f7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscriptions.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7de5b1ca3a0a9fe6-SIN
content-encoding: gzip
content-length: 940
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type: text/html;charset=UTF-8
date: Wed, 28 Jun 2023 11:47:21 GMT
expires: Wed, 28 Jun 2023 11:47:21 GMT
ot-baggage-auth0-request-id: 7de5b1ca3a0a9fe6
ot-tracer-sampled: true
ot-tracer-spanid: 065a2c2c0629d0f7
ot-tracer-traceid: 69a8c7c07aa1fbc9
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-000000000000000069a8c7c07aa1fbc9-065a2c2c0629d0f7-01
tracestate: auth0-request-id=7de5b1ca3a0a9fe6,auth0=true
vary: Accept-Encoding
x-akamai-transformed: 9 590 0 pmb=mTOE,4
x-auth0-requestid: 2d280f0f331cb8d38e8e
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1687952842

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 76 KB
22 KB 806ms
210ms Script
application/javascript 42.99.140.187
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.187 Central, Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-187.pacnet.net
Software: AmazonS3 /
Resource Hash: 9584e01c9e0b3e5a9eab6e960eeda441896c6f0da4d40062a4925b9f63370738

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 15:16:07 GMT
server: AmazonS3
x-amz-request-id: 30BHQWK760RF8BTY
x-amz-cf-pop: FRA56-C1
etag: "30ffb8d6ca1409bc5da2d7dad3c36fe1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: eHutYfJYZ-aDE95KicO1DIg61I_OXPm3c_wI-FoWMgYpKgXEc8G4Sw==
x-amz-id-2: 5pUb+SWNDarq5NA+O/xAMcZnNwPwsjwkbqzds4WPw5pdxRyuzgHrzKR+60mOYhzBsHDP0QlqSm8=
content-length: 22605

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 392 KB
125 KB 188ms
186ms Script
text/javascript 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 11:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85864
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Jun 2024 11:56:17 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 251ms
250ms XHR
application/json 52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=21896492169389091721179276958315256729&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=newsnkidcookie%01e1bea05af7b4d964054353420f5f93aa%011&ts=1687952841387

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

c5463d3a29d399e8e241f6d377b12dfc3b94da27a91319408a2ffb26e9619dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-2-v045-08d3ff396.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 5L7Q0+POQiM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1573
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 907ms
207ms Script
application/x-javascript 13.35.16.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.617.js?utv=ut4.46.202306130312
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.16.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-16-234.sin5.r.cloudfront.net
Software: nginx /
Resource Hash: 0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 10:37:20 GMT
content-encoding: gzip
via: 1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:35:23 GMT
server: nginx
x-amz-cf-pop: SIN5-C1
age: 4202
etag: W/"649b804b-9482"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: HHBNdaVEWsfNUsvMW1dvN7WSGAHLW6iEK-Xm7GbBz8yNAcoFTv3x9w==
expires: Wed, 28 Jun 2023 12:37:20 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 188ms
186ms Script
application/javascript 13.227.254.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/gea.sops/202306130312&cb=1687952841396
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-68.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Wed, 28 Jun 2023 11:40:03 GMT
via: 1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C3
age: 441
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: zOMfNG36UZuKe10ajUStX5KkEPZ1AW52mO-sN6_gHiKmPiAjiDX2tQ==

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 65 B
348 B 741ms
186ms XHR
text/plain 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
server: AkamaiNetStorage
etag: "519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary: Origin, Origin, Origin
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: text/plain
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: max-age=2241
content-length: 65

GET
H2 200 316290525736583 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 190ms
187ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/316290525736583?v=2.9.109&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

d3a8124577caaaa498704b5844d43e6eb9ca3310d7247fc4c67d21eeec7ee7f4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 28 Jun 2023 11:47:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87893
x-xss-protection: 0
pragma: public
x-fb-debug: vR8KGGegHYLjb/Zor0ke4WGBVNrQruYF/Lnobx8guitFLCvQ6Dx0d9sAPXEQDdzrM7B9tWvRoVX76KM7vREnYw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 404 csp-reports
login.newscorpaustralia.com/ Frame 202A 0
0 272ms
272ms Other
text/plain 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/csp-reports
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a118-215-80-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscriptions.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

POST
H2 200 s11576769115930 Show response
metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/ 5 KB
5 KB 936ms
258ms XHR
application/x-javascript 63.140.36.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/s11576769115930

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.148 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-148.data.adobedc.net

Software

jag /

Resource Hash

ad87e421b160d06bb4308e939089eb8cb495b1ef6bcb6aaa8ddc282033007f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-aam-tid: sGoHetXUSck=
date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4910
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-1-v045-0b6bfa0ef.edge-usw2.demdex.com 5 ms
pragma: no-cache
last-modified: Thu, 29 Jun 2023 11:47:22 GMT
server: jag
etag: 3624851127359569920-4619623632850508176
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Tue, 27 Jun 2023 11:47:22 GMT

GET 3ef653f0
login.newscorpaustralia.com/akam/13/ Frame 1424 0
0

GET Nkc
login.newscorpaustralia.com/vQ8OudVfXNsH/ly/0vuPz-3oIw/EDkYfmLSQL/R3weTgo7RAE/LT1OO2pt/ Frame 1424 0
0

GET sec-3-10.css
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 1424 0
0

GET sec-cpt-3-10.js
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 1424 0
0

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=1775817129186315206
dpm.demdex.net/ Frame 5410
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1775817129186315206

42 B
942 B

401ms
249ms

Image
image/gif

52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=1775817129186315206

Requested by

Protocol

HTTP/1.1

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v045-035ed0b22.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YGUJtchuSuM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Wed, 28 Jun 2023 11:47:22 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 66.203.112.162; 66.203.112.162; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d9e1786a-895b-4ba6-b435-b16fbd2ea0ca
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=1775817129186315206
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 435.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/ Frame 202A 27 KB
9 KB 243ms
240ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/435.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/runtime~main.js?7f88ebf276e14bb86cac

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

176a4d7346001286ad894be3cc341bd466f932e48f947c14deddd5ce422ac519

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "d06060475925fd26eebf19d729f1fcd0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: QG4q9JuwBRRzoCZLzP6kreSbrGpn9K8HJ8bgk5H8IYAGgX5xyM7XaQ==
content-length: 8641

GET
H2 200 33.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/ Frame 202A 8 KB
3 KB 230ms
228ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/33.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/runtime~main.js?7f88ebf276e14bb86cac

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

cf3b2803b89ea7487c5d3d0104c7ff4edb35d12fd865fb98f83b1502d01437fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "a5936e74bd56ad438f5f65c3b91c82d0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: Q6_cXgIHpHDAM6eYGdHHVx008cXu8Wb_ilEEkxFCQy7JL59wELiJJg==
content-length: 2542

GET
H2 200 598.async.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/ Frame 202A 17 KB
6 KB 238ms
236ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/598.async.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/runtime~main.js?7f88ebf276e14bb86cac

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

fe73f1fd4b06562be19aaeccf8ffeb47aa50dbc383d2e7e0a103ece055aea89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "86af291d0ca4e8daceea8070aa8d16e3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: 0wJwoHyFudhRCNfwcYPTYHC910omVpfzGPvZ0DzXs-1KhOHoNtz2Hg==
content-length: 5553

GET
H2 200 357.async.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/ Frame 202A 25 KB
9 KB 230ms
228ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/357.async.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/runtime~main.js?7f88ebf276e14bb86cac

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

dfad6d1cecf7337dcd922f1fab22a655d9e28aedddebb6d8ef5c07c8c277009b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "6849ace129baf5312aeedd2b943cf3b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: XWXzPlyuDUydVBExgeM6S83hKABFILpcTds2A1X8v1oPnOwSbHsudA==
content-length: 8500

GET
H2 200 336.async.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.16/ Frame 202A 130 KB
50 KB 241ms
239ms Script
text/javascript 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/336.async.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/runtime~main.js?7f88ebf276e14bb86cac

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

b924179133a5a0c633a8a39dab244b421d633995ef21e5ac79ae0778873f97c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:21 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "2605314ce5370212b43c3b17e9560592"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: mlfLGUIuWBOUEB4RwY_XXWNjMyMTCNWtH-guHQqiG2MUgQ_6LoEbJg==
content-length: 50519

POST
H2 200 csp-report
q.stripe.com/ Frame 884E 0
717 B 764ms
250ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952842358149
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1687952842357644
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 027D 0
718 B 740ms
246ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952842357899
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1687952842357655
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 027D 0
717 B 986ms
493ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952842602838
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1687952842601308
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 884E 474 B
776 B 381ms
191ms Fetch
application/json 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.227.254.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-117.sin52.r.cloudfront.net
Software: Cloudfront /
Resource Hash: f960100f65d6f29382608b2fc5a8bdb0eacddb10b8aa39e36f70fe98f15d35bd

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-5679dc69c45f0f121502d89b62217976.html
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Jun 2023 11:47:05 GMT
via: 1.1 2ba2ffa46f6a4bf7dd5bd07c9a0879ce.cloudfront.net (CloudFront)
age: 21
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 474
last-modified: Tue, 27 Jun 2023 22:35:18 GMT
server: Cloudfront
etag: "f7c2ad4339dfade287fabc9fe1fbdfa5"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: UK6RPjz2DDyXuZdUmM4PrkgLz6NGIaUWTDs_Q7rolomgaJHpZGjp9Q==

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=3594341751515198353
dpm.demdex.net/ Frame 5410
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3594341751515198353

42 B
942 B

250ms
250ms

Image
image/gif

52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3594341751515198353

Requested by

Protocol

HTTP/1.1

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v045-0c5f23af7.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 85U6vW4JQIQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3594341751515198353
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 884E 1 KB
2 KB 791ms
405ms Fetch
application/json 54.179.176.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.176.233 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-176-233.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

193a0221ed8d8aa20ff5668a30be0fca54a742312793a89a424f89a17e4ba088

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1314
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6F83 0
717 B 845ms
490ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952842601626
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1687952842601247
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6F83 0
717 B 601ms
246ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952842358131
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1687952842357686
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 621ms
106ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: H9BC1ES5RWEWWYHP
age: 3256
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7de5b1d32bc1a980-SYD
x-amz-id-2: KlWUSfxDnSaJ83GABAuftQK+dytlFEk2u9ovPNCYdAQ1K6rV/UxY20fFt3udoQdZdbkk7iKAAfc=

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 5410 0
719 B 1632ms
186ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=21920557572790878541176898971991034499&gdpr=0&gdpr_consent=
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 7993 18 KB
8 KB 255ms
253ms Document
text/html 172.217.194.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f92.1e100.net

Software

ESF /

Resource Hash

1b1c2f524b143bc3a83524f11ad7b02bb7c8caa537ebc46e9ae6aa30c337a7b2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-NQMciF_YI1-gThxkFJIFFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-NQMciF_YI1-gThxkFJIFFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 28 Jun 2023 11:47:22 GMT
expires: Wed, 28 Jun 2023 11:47:22 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 202A 2 KB
2 KB 186ms
186ms Stylesheet
text/css 13.35.8.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-115.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 20:04:39 GMT
x-amz-version-id: BU9pslV_1tk2oM9KNiljnrkOp3wYAVog
via: 1.1 6e4552eff3e310bad9fd1a8c14b867d8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 56564
etag: "2a13a755f725cea2c202bc30af451d10"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2173
x-amz-cf-id: z3yBXqAs7idm2S_iG2SxO7XXM-Q3hWYO6Ea_QUai4SkH9oPHnnXS7w==

GET
H2 200 Charter.css
subscriptions.news.com.au/media/fonts/Charter/ Frame 202A 2 KB
2 KB 190ms
190ms Stylesheet
text/css 13.35.8.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-115.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 78tZPx9F6ldnoT3vI7OxzT3AZa.JXQqe
date: Tue, 27 Jun 2023 12:48:45 GMT
via: 1.1 6e4552eff3e310bad9fd1a8c14b867d8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:10 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 82718
etag: "9d796e9621f8bd2ea24552819973cb20"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1635
x-amz-cf-id: vygqAyLwWHpt0Csmzwra412PzZfUebKJPT-B9bwxiGn7XNDL6ey_yg==

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 862ms
188ms Script
application/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.geelongadvertiser.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
1 KB 223ms
223ms XHR
text/plain 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2132402580215861&correlator=2413382119142260&hxva=1&scor=1183766995841377&eid=31075620%2C31075705&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&iu_parts=5129&enc_prev_ius=%2F0%2F&prev_iu_szs=1x1&ifi=1&adks=14334197&sfv=1-0-40&ists=1&prev_scp=pos%3D1&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3De1bea05af7b4d964054353420f5f93aa%26sec1%3Dsops%26sec2%3Dsubscription%26sec3%3Dcustomerdetails%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dbreach%252Cshopfront%26adl%3Dfalse%26snol%3Dd%252Ce%252Cf%252Cg%252Ch%252Cb%252Cc%26abtest%3Da%26pvid%3De1bea05af7b4d964054353420f5f93aa-00000000000000000000000000000000-1687952840719-186674&sc=1&cookie_enabled=1&abxe=1&dt=1687952842045&lmt=1687952842&dlt=1687952835970&idt=5948&adxs=0&adys=2990&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&frm=20&vis=1&psz=1600x2990&msz=1600x0&fws=4&ohw=1600&ga_vid=826259830.1687952842&ga_sid=1687952842&ga_hid=154498443&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRjRudGOkDFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

cafe /

Resource Hash

0b6fb674e2e79f30521887dfe4c7e6b41102a555af24ba5d588535348bc6e3d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 687
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d8ede64fb0b4059f92faa47208f01578.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0CEE 6 KB
3 KB 871ms
188ms Document
text/html 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8ede64fb0b4059f92faa47208f01578.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:47:22 GMT
expires: Thu, 27 Jun 2024 11:47:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEIv1TdaZTBBD45I4KXNiNd4&google_cver=1
dpm.demdex.net/ Frame 5410
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjE5MjA1NTc1NzI3OTA4Nzg1NDExNzY4OTg5NzE5OTEwMzQ0OTk=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjE5MjA1NTc1NzI3OTA4Nzg1NDExNzY4OTg5NzE5OTEwMzQ0OTk=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIv1TdaZTBBD45I4KXNiNd4&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

482ms
249ms

Image
image/gif

52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIv1TdaZTBBD45I4KXNiNd4&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v045-09129422b.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sMDEChN4Q5M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIv1TdaZTBBD45I4KXNiNd4&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hit.gif
au-script.dotmetrics.net/ 43 B
1 KB 300ms
297ms Image
image/gif 54.192.150.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-script.dotmetrics.net/hit.gif?id=13075&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&dom=www.geelongadvertiser.com.au&r=1687952842061&pvs=1&pvid=c3911213-1560-43c8-95f6-fe50bf81261b&c=true&tzOffset=0&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13075
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-56.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
dotmetrics-hit-status: 01 OK
via: 1.1 988e86815669491446c291c607aeb5e8.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: image/gif
cache-control: no-cache
x-amz-cf-id: 3xFYDupoM8Hh6_H4kVS6X1kqW3zve4obQlvzat75w7SnDDZ6pU2DJQ==

GET
H2 200 hit.gif
rm-script.dotmetrics.net/ 807 B
1 KB 886ms
186ms Image
image/gif 13.224.249.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rm-script.dotmetrics.net/hit.gif?id=13075&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&dom=www.geelongadvertiser.com.au&r=1687952842061&pvs=1&pvid=c3911213-1560-43c8-95f6-fe50bf81261b&c=true&tzOffset=0
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-38.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:04:03 GMT
via: 1.1 08a12acbdd73ab65ad077921a50970da.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 12:25:02 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 31400
x-amz-server-side-encryption: AES256
etag: "e4f758e6322c8f8abfa1f6eba71ee873"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 807
x-amz-cf-id: 12YqPJqtXj97urNaj_QbPHm2xlB-lgeYoF6As_72fdOOo6SJo43UZA==

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=328daa8d-9bac-4f33-bec9-1a16250b4629
dpm.demdex.net/ Frame 5410
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=328daa8d-9bac-4f33-bec9-1a16250b4629

42 B
942 B

249ms
249ms

Image
image/gif

52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=328daa8d-9bac-4f33-bec9-1a16250b4629

Requested by

Protocol

HTTP/1.1

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v045-0d71b290a.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QenLYMbOTmc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=328daa8d-9bac-4f33-bec9-1a16250b4629
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H2 200 script.js Show response
au-script.dotmetrics.net/Scripts/ 34 KB
14 KB 497ms
495ms Script
application/javascript 54.192.150.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/Scripts/script.js?v=226
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-56.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: 26587f7d7f7c842e7b454e054f67972ce7314cf87bee34e4bf57d9780691be25

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
content-encoding: br
via: 1.1 988e86815669491446c291c607aeb5e8.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jun 2023 08:18:27 GMT
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "1d9a34fc9f203c1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 5CZ6jlI3gARBhH4RdIORqn8y9M0gSe_ReOsIfQFcJgrgKA2Fp7srHg==

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 992ms
493ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843045517
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045156
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 1012ms
514ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046204
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045699
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 1028ms
531ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046209
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1687952843045772
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 1012ms
515ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046028
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1687952843045494
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 1011ms
515ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046233
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045561
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 997ms
500ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046116
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045748
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 1009ms
513ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046582
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045964
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 993ms
497ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046116
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045604
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 994ms
499ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046156
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045832
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
274 B 985ms
491ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843045902
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045565
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 1010ms
516ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046736
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045988
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 994ms
500ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046542
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045910
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.JEicw7LpU2I.es5.O/am=YGw/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=A... Frame 7993 159 KB
57 KB 187ms
187ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.JEicw7LpU2I.es5.O/am=YGw/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhiN3dsARpXx4PtUfJvvVvWek48sQ/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

f57b6108982216411ab9034939c86440a3b5c53659300e07f1f7911e2d0ef2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57625
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 04:23:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:40:21 GMT

GET
H2 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L... Frame FAA0 126 KB
43 KB 254ms
254ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L.B1.O/am=oDkD/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4qbO_j-pw_Qyj-LwG2awtqdfkQxQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/am=oDkD/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI5_dxiLyI5X_Mz1gaQYdlgeRoD5ig/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

2e7532d33d76085f9260e6ec5d9a061d591f5f78de643e5b05c2cc00f8a6209a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43638
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 02:49:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 19:12:08 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L... Frame FAA0 18 KB
7 KB 304ms
304ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L.B1.O/am=oDkD/d=1/exm=COQbmf,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4qbO_j-pw_Qyj-LwG2awtqdfkQxQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

6b44a23f958f60a8e28a17e0ae702cc89a3fd3d81d96dda5f6198762a234df59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7477
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 02:49:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 19:12:08 GMT

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 18 KB
2 KB 748ms
193ms XHR
application/octet-stream 42.99.140.187
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.187 Central, Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-187.pacnet.net
Software: AmazonS3 /
Resource Hash: 0105add2de786317621e624c9af1b2b1e98b1e855b43f596938ebde82b2e3060

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 9g5j_aVxwXn_XpZTT20C3l0zrllwnTkQ
content-encoding: gzip
date: Wed, 28 Jun 2023 11:47:22 GMT
last-modified: Thu, 25 May 2023 06:55:57 GMT
server: AmazonS3
x-amz-cf-pop: ATL51-C1
etag: "fe5a63661b71f1873ab8ad1bf213fc4c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=234
accept-ranges: bytes
x-amz-cf-id: WEdMLKhCrZiDzdr4QndC8nYOf-x9W_A_AdA6gNPaHiaG4mc1FwTMOg==
content-length: 1282

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 7993 2 KB
2 KB 285ms
284ms Other
text/html 172.217.194.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.194.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 500 usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 5410 0
0 829ms
360ms Image
text/html 104.91.76.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.91.76.201 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-76-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 199 KB
56 KB 217ms
217ms Script
application/javascript 13.224.249.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P9639CC51-2F11-48E8-B888-393496680A12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-23.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: qAuMC_cBXhFjiyzLuhpEoecYbuPbFf_p
content-encoding: gzip
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
date: Wed, 28 Jun 2023 11:01:07 GMT
x-amz-cf-pop: SIN52-C2
age: 2776
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 12 Jun 2023 14:05:40 GMT
server: AmazonS3
etag: W/"f43d226b4110956140ab2e00da92026d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: XWwn6NUWDzTzf0q0-WJjlaoQdXFpjq-GebTqiNdxvhkHXqvnF2zNBA==

OPTIONS
H/1.1 200
OK tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 0
0 549ms
97ms Preflight 54.66.105.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.66.105.184 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-66-105-184.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geelongadvertiser.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Max-Age: 600
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 11:47:22 GMT
Server: nginx

POST
H/1.1 200
OK tp2 Show response
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 2 B
565 B 381ms
98ms XHR
text/plain 54.66.105.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.66.105.184 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-66-105-184.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Wed, 28 Jun 2023 11:47:23 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H/1.1 200
OK cookie.html Show response
ncg.tags.news.com.au/prod/ncg/ Frame 530A 12 KB
5 KB 571ms
187ms Document
text/html 18.155.68.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-45.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3b029951e626e7d3123a1f25886db28f5ea4f32d1e80491a3b8c8c51f13f5c9

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Age: 2549
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 28 Jun 2023 11:04:54 GMT
ETag: W/"fbee957879301d939e1c5ea8e01d09a8"
Last-Modified: Tue, 16 May 2023 02:16:02 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 38f7a6091a95b3808d7a0f553df4fd56.cloudfront.net (CloudFront)
X-Amz-Cf-Id: VcXYhdpR6sCqVjuB4jIaTy7DLvB1s3AgcSpaVRng9DkO_Lfs7awlTg==
X-Amz-Cf-Pop: SIN52-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=ZJwdywhXlc0Kmpzu0aOMngAA%264732
dpm.demdex.net/ Frame 5410
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZJwdywhXlc0Kmpzu0aOMngAA%264732

42 B
943 B

409ms
270ms

Image
image/gif

52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZJwdywhXlc0Kmpzu0aOMngAA%264732

Requested by

Protocol

HTTP/1.1

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v045-0920c61e2.edge-usw2.demdex.com 15 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZZy/fQZ7QLg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:47:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZJwdywhXlc0Kmpzu0aOMngAA%264732
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-aa6893b3e4b67ccc01e56f7090434218
dpm.demdex.net/ Frame 5410
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=21920557572790878541176898971991034499&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-aa6893b3e4b67ccc01e56f7090434218

42 B
942 B

249ms
249ms

Image
image/gif

52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-aa6893b3e4b67ccc01e56f7090434218

Requested by

Protocol

HTTP/1.1

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v045-03a034575.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: l4bVzdIiQ68=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-aa6893b3e4b67ccc01e56f7090434218
Date: Wed, 28 Jun 2023 11:47:23 GMT
useSecure: true
Server: openresty/1.19.9.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.JEicw7LpU2I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36K... Frame 7993 70 KB
26 KB 187ms
187ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.JEicw7LpU2I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36KGWZnfm08.L.B1.O/am=YGw/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh41Mh-XVIADB3hAX8naEGhtu3rew/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.JEicw7LpU2I.es5.O/am=YGw/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhiN3dsARpXx4PtUfJvvVvWek48sQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

cf18a23ebad9a8f687c4aa51b2911f7aaaad37ecf9b30582416bb11cc35cc7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26475
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 01:22:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:40:21 GMT

GET
H2 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L... Frame FAA0 1 KB
770 B 187ms
187ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L.B1.O/am=oDkD/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4qbO_j-pw_Qyj-LwG2awtqdfkQxQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

6a9bc1773c75cbffd4bc0e281e8a51213cbd70b5273ce02582cbc330f400602b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 705
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 02:49:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 19:12:08 GMT

POST
H2 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame FAA0 172 B
310 B 204ms
204ms XHR
application/json 74.125.24.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=4725518391750736330&bl=boq_subscribewithgoogleclientserver_20230626.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=42443&rt=c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f139.1e100.net

Software

ESF /

Resource Hash

fd421736bace3389bc9d8583b654ca52b894f02f7242442559f1799626887128

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 5410
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=21920557572790878541176898971991034499&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=21920557572790878541176898971991034499&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

256ms
256ms

Image
image/gif

52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Protocol

HTTP/1.1

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v045-02ddecd78.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2VhsUFyTQY8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,303
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Wed, 28 Jun 2023 11:47:23 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 857ms
185ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316290525736583&ev=PageView&dl=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&rl=&if=false&ts=1687952842607&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.2.1687952842604.846425077&it=1687952841570&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 11:47:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 857ms
186ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316290525736583&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&rl=&if=false&ts=1687952842608&sw=1600&sh=1200&v=2.9.109&r=stable&ec=1&o=30&fbp=fb.2.1687952842604.846425077&it=1687952841570&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 11:47:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L... Frame FAA0 18 KB
6 KB 187ms
186ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L.B1.O/am=oDkD/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4qbO_j-pw_Qyj-LwG2awtqdfkQxQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

276b5ca3301511662e8cdb8ea08988f59db514c9b91a19f0ae233d36c84abef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6283
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 02:49:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 19:12:08 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 561ms
498ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843045878
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045434
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 561ms
498ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843045901
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045466
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 555ms
494ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843045888
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045357
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 561ms
501ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843045971
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045444
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 550ms
492ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843045894
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843045271
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 587ms
530ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843045631
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1687952843045218
access-control-allow-credentials: true
content-length: 0

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 34EF 12 KB
4 KB 190ms
189ms Document
text/html 13.224.249.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-23.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 574
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 28 Jun 2023 11:37:49 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Mon, 12 Jun 2023 14:05:39 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
x-amz-cf-id: 4ICqUHaItWIN2XK4Zcmi4BOuGZG4HemoTWo28XGcAIaIU_u96xdOEg==
x-amz-cf-pop: SIN52-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: UYGZ3Pa9bEh3fzu3nt5h25aUF1xMbqst
x-cache: Hit from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 5410
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=21920557572790878541176898971991034499
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=21920557572790878541176898971991034499

0
338 B

840ms
252ms

Image
text/plain

54.70.49.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=21920557572790878541176898971991034499
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Server: 54.70.49.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-49-196.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n016-pdx-prod.krxd.net
date: Wed, 28 Jun 2023 11:47:24 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1687952844
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=21920557572790878541176898971991034499
date: Wed, 28 Jun 2023 11:47:23 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a019-ash-prod.krxd.net

GET
H2 200 pay Show response
pay.google.com/gp/p/ui/ Frame 7993 1 MB
384 KB 256ms
256ms XHR
text/html 172.217.194.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f92.1e100.net

Software

ESF /

Resource Hash

fab79de6cfef98582441e4add50be4bffc0e4535e25ece25c8abdd249934ecb6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-3LfO7ZGe6S--VlOL9FwwyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-3LfO7ZGe6S--VlOL9FwwyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 28 Jun 2023 11:47:22 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.JEicw7LpU2I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36K... Frame 7993 23 KB
9 KB 191ms
190ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.JEicw7LpU2I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36KGWZnfm08.L.B1.O/am=YGw/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh41Mh-XVIADB3hAX8naEGhtu3rew/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

776822d281d0d7f93b0b7ac2fd5e7cdc4f0cfe13e1ae6dd2d1ec091ffc947366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9411
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 01:22:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:40:21 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.JEicw7LpU2I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36K... Frame 7993 36 KB
13 KB 191ms
191ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.JEicw7LpU2I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.36KGWZnfm08.L.B1.O/am=YGw/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh41Mh-XVIADB3hAX8naEGhtu3rew/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

a33d6b4c228a135368fdef737a48d1a61cc86714b9ed3bdddb3e922e333a3764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 17:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13606
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 01:22:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 17:40:21 GMT

POST
H2 200 log Show response
play.google.com/ Frame 7993 131 B
196 B 1414ms
439ms XHR
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 906ms
228ms Preflight
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:23 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 7993 131 B
196 B 1399ms
431ms XHR
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 909ms
234ms Preflight
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:23 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 7993 131 B
196 B 1410ms
435ms XHR
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 900ms
227ms Preflight
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:23 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 7993 131 B
196 B 1405ms
439ms XHR
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 908ms
235ms Preflight
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:23 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 7993 131 B
426 B 1398ms
428ms XHR
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 903ms
231ms Preflight
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:23 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 7993 131 B
196 B 1224ms
439ms XHR
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 1086ms
417ms Preflight
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:23 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 451ms
451ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046368
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1687952843046012
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 434ms
434ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046490
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843046056
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 448ms
448ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046823
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843046108
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 446ms
446ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046509
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952843046136
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 460ms
460ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:23 GMT
x-stripe-server-envoy-start-time-us: 1687952843046764
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1687952843046190
access-control-allow-credentials: true
content-length: 0

GET
H2 200 imgNewsNetwork.jpg
subscriptions.geelongadvertiser.com.au/caas/1.10.16/assets/ Frame 202A 35 KB
35 KB 186ms
186ms Image
image/jpeg 118.215.80.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/assets/imgNewsNetwork.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

118.215.80.114 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a118-215-80-114.deploy.static.akamaitechnologies.com

Software

Resource Hash

eee4b740fa1ca55446b70cfbdc4ce54b00362f9ccd61c3db2c5f6fe432c340ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:22 GMT
strict-transport-security: max-age=600
last-modified: Wed, 21 Jun 2023 04:59:04 GMT
x-amz-cf-pop: SIN5-C1
etag: "66e5b98efe47b4be5eea14745e58a730"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
cache-control: max-age=1964635
accept-ranges: bytes
content-length: 35778
x-amz-cf-id: cDLMTAHtVc1qGl8He2r0_h3NVCjyOLH2cQCII7VyF0CUzDVodp2Xbw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 202A 884 B
906 B 861ms
189ms Script
text/javascript 74.125.24.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/336.async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f147.1e100.net

Software

GSE /

Resource Hash

b749b811af45fd43246b551475d7d97369a3359cc2dc989b82a155f78671ad12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 586
x-xss-protection: 1; mode=block
expires: Wed, 28 Jun 2023 11:47:23 GMT

GET
H2 200 GA_SDO_P0423A_W04 Show response
commerceapi.news.com.au/offersapi/offers/ Frame 202A 33 KB
10 KB 797ms
797ms XHR
application/json 23.199.76.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offers/GA_SDO_P0423A_W04
Requested by: Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.16/142.js?7f88ebf276e14bb86cac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.199.76.145 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-76-145.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8eb351d1e3d4a21d6b9a2eb37d67663ae36133446d077a70736352549e1caf8f

Request headers

Accept: application/json, text/plain, */*
Referer: https://subscriptions.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
x-api-key: 0iwH8Iq4KC9UZKpkJJn6B8SpM7MCC3tl35vR1WF9

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
x-amz-cf-pop: HKG62-C2
x-amzn-requestid: 27d97b43-3ac2-4de3-a714-5d4aa569112c
x-amzn-trace-id: Root=1-649c1dcc-2812c0b73dc2233e22f0371b;Sampled=0;lineage=3fb1b6ca:0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: HOmYBFPWSwMF8Bg=
x-amz-cf-id: 9vamWOA-CIy3MTvk4pwTCW4BnTRhdHkbY90K82z1pep6GS0gAk2h2A==
content-length: 9383

OPTIONS
H2 200 GA_SDO_P0423A_W04
commerceapi.news.com.au/offersapi/offers/ Frame 0
0 1467ms
770ms Preflight
application/json 23.199.76.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offers/GA_SDO_P0423A_W04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.199.76.145 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-76-145.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://subscriptions.geelongadvertiser.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://subscriptions.geelongadvertiser.com.au
content-length: 1
content-type: application/json
date: Wed, 28 Jun 2023 11:47:24 GMT
x-amz-apigw-id: HOmX7HAjywMFkSQ=
x-amz-cf-id: APawefCjTi101e3LjHV_QsyOvw5AH6eT3psa56TCnE7tYG7H0UmaNg==
x-amz-cf-pop: HKG62-C2
x-amzn-requestid: 5c25affc-bf2f-489e-b36c-c13f9af30471

POST
H2 200 log Show response
play.google.com/ Frame FAA0 131 B
214 B 1396ms
429ms XHR
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 873ms
235ms Preflight
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:23 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FAA0 131 B
196 B 1404ms
433ms XHR
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 868ms
231ms Preflight
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:23 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FAA0 131 B
196 B 1407ms
435ms XHR
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 866ms
230ms Preflight
text/plain 172.253.118.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f138.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 28 Jun 2023 11:47:23 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 5410
Redirect Chain

https://tags.bluekai.com/site/43981?id=21920557572790878541176898971991034499&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

42 B
960 B

299ms
249ms

Image
image/gif

52.43.206.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.43.206.219 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-206-219.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v045-0baad2716.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: E/6MLOJBR+U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,303
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date: Wed, 28 Jun 2023 11:47:23 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L... Frame FAA0 107 KB
36 KB 187ms
187ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Pg-3X39S5xw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.pcNDxrGToBs.L.B1.O/am=oDkD/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI4qbO_j-pw_Qyj-LwG2awtqdfkQxQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

45926764db4788195674cd6861fa93454383325a3b60ff0c6780774512d8d812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36502
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 02:49:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Jun 2024 19:12:08 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
337 B 1150ms
408ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.geelongadvertiser.com.au
date: Wed, 28 Jun 2023 11:47:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 SiteEvent.dotmetrics Show response
au-script.dotmetrics.net/ 399 B
1 KB 284ms
283ms Script
application/javascript 54.192.150.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNzUsImZsIjp0cnVlLCJkb20iOiJ3d3cuZ2VlbG9uZ2FkdmVydGlzZXIuY29tLmF1IiwibHNvIjpudWxsLCJ1cmwiOiJodHRwczovL3d3dy5nZWVsb25nYWR2ZXJ0aXNlci5jb20uYXUvc3Vic2NyaWJlL25ld3MvMS8%2Fc291cmNlQ29kZT1HQVdFQl9XUkUxNzBfYSZkZXN0PWh0dHBzJTNBJTJGJTJGd3d3LmdlZWxvbmdhZHZlcnRpc2VyLmNvbS5hdSUyRm5ld3MlMkZnZWVsb25nJTJGdGhvbWFzLWhvb2dzdHJhLXBsZWFkcy1ndWlsdHktdG8taGFja2luZy1vZmZlbmNlcyUyRm5ld3Mtc3RvcnklMkZiZGZkNTcwNTU3NDEyNzMwZTdjNWIzZmQ1MzRkMzg4ZSZtZW10eXBlPWFub255bW91cyZtb2RlPXByZW1pdW0iLCJydXJsIjoiIiwicHZpZCI6ImMzOTExMjEzLTE1NjAtNDNjOC05NWY2LWZlNTBiZjgxMjYxYiIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1687952842879
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-56.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: 6756a285ef9172275882dfbb3f4f44fab6b65def89bd99253931aa90b0cc03f0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:23 GMT
content-encoding: br
via: 1.1 988e86815669491446c291c607aeb5e8.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: SIN2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: Kqf8O7yjjvFP88rMi3oiknfqhL0foHzQepeDAe2S5Ol9TSGuyu8z8g==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5410
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wkp3ZHlRQUFBSkNaS1FNNA==

170 B
188 B

190ms
189ms

Image
image/png

142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wkp3ZHlRQUFBSkNaS1FNNA==

Requested by

Protocol

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-bfi-krnt7300101-BFI
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1687952844.669616,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=Wkp3ZHlRQUFBSkNaS1FNNA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 34EF 44 B
722 B 598ms
188ms Image
image/gif 54.251.134.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P9639CC51-2F11-48E8-B888-393496680A12&sessionId=mhpyayiqn1hzo3n7ehl5rdesuwt9v1687952842&c16=sdkv,bj.6.0.0&uoo=&fp_id=5yj4vtwllakmaatokzif9vws9a3ha1687952842&fp_cr_tm=1687952842685&fp_acc_tm=1687952842685&fp_emm_tm=1687952842685&ve_id=&c30=bldv,6.0.0.663&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.134.114 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-134-114.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
mhpyayiqn1hzo3n7ehl5rdesuwt9v1687952842.nuid.imrworldwide.com/ Frame 34EF 35 B
349 B 911ms
196ms Image
image/gif 54.192.150.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mhpyayiqn1hzo3n7ehl5rdesuwt9v1687952842.nuid.imrworldwide.com/
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-103.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 21:10:39 GMT
via: 1.1 fe526590cbb2126b4baee2eb7ee38048.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 52604
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: XEqKausMeCh5bz7iCGjgIQBtaPRiWA9C1e1D97dZlBQXeZ3JYLyAKQ==

GET
H2 200 Serving Show response
bs.serving-sys.com/ 9 KB
2 KB 918ms
191ms Script
text/html 54.255.159.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=1732298491678326737&pageurl=$$https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium$$&activityValues=$$Session%3D6399882785610640405$$&ns=0&rnd=5068204529686078&uinadv=%7B%7D&ccpastatus=1
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.159.244 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-159-244.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 30d39037d63a65375e36debcdc6fbe1cac4ca8f7a418f05ba9a475474acfaeab

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 1825
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5410
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZJwdyQAAAJCZKQM4&expires=90

42 B
798 B

920ms
185ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZJwdyQAAAJCZKQM4&expires=90
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-bfi-krnt7300101-BFI
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1687952844.669750,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZJwdyQAAAJCZKQM4&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 873ms
287ms Image
image/gif 34.195.37.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newspaywall.com.au&p=%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%3A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&u=n0k6SBYfQLL70X3&d=geelongadvertiser.com.au&g=36976&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3014&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&b=12138&t=DZ3aG6uyh2X4vzKYT21f0Cn-zLI&V=140&i=Subscribe%20to%20the%20Geelong%20Advertiser&tz=0&sn=1&sv=Bit-AvwM4POBZBBImCb7Q2tBYShsV&sd=1&im=0e03041a&_
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.37.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-37-97.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5410
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJwdyQAAAJCZKQM4

43 B
632 B

1047ms
295ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJwdyQAAAJCZKQM4
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:47:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-bfi-krnt7300101-BFI
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1687952844.669765,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZJwdyQAAAJCZKQM4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 357ms
186ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316290525736583&ev=Microdata&dl=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&rl=&if=false&ts=1687952843109&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Subscribe%20to%20the%20Geelong%20Advertiser%22%2C%22meta%3Adescription%22%3A%22Subscribe%20to%20the%20Geelong%20Advertiser%20to%20get%20unrestricted%20digital%20access%2C%20home%20paper%20delivery%2C%20Apps%20for%20iPad%20and%20Android%20and%20much%20more...%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22publisher%22%3A%7B%22name%22%3A%22Geelong%20Advertiser%22%2C%22%40type%22%3A%22Organization%22%7D%2C%22isPartOf%22%3A%7B%22name%22%3A%22Geelong%20Advertiser%22%2C%22productID%22%3A%22geelongadvertiser.com.au%3Adigital%22%2C%22%40type%22%3A%22Product%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.109&r=stable&ec=2&o=30&fbp=fb.2.1687952842604.846425077&it=1687952841570&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 28 Jun 2023 11:47:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5410
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZJwdyQAAAJCZKQM4

43 B
1 KB

242ms
241ms

Image
image/gif

104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=ZJwdyQAAAJCZKQM4

Requested by

Protocol

HTTP/1.1

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:47:23 GMT
AN-X-Request-Uuid: bac468b8-6469-4ac3-8442-a4f0ebd9776f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 66.203.112.162; 66.203.112.162; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-bfi-krnt7300101-BFI
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1687952844.691205,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=ZJwdyQAAAJCZKQM4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

OPTIONS
H/1.1 200
OK tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 0
0 98ms
97ms Preflight 54.66.105.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.66.105.184 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-66-105-184.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geelongadvertiser.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Max-Age: 600
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 11:47:23 GMT
Server: nginx

POST
H/1.1 200
OK tp2 Show response
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 2 B
565 B 99ms
98ms XHR
text/plain 54.66.105.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.66.105.184 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-66-105-184.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Wed, 28 Jun 2023 11:47:23 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5410
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZJwdyQAAAJCZKQM4
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZJwdyQAAAJCZKQM4

43 B
180 B

190ms
189ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZJwdyQAAAJCZKQM4
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:24 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZJwdyQAAAJCZKQM4
date: Wed, 28 Jun 2023 11:47:24 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5410
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZJwdyQAAAJCZKQM4

1 B
455 B

575ms
186ms

Image
text/html

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZJwdyQAAAJCZKQM4
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:47:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-bfi-krnt7300101-BFI
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1687952844.691352,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZJwdyQAAAJCZKQM4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 5410
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZJwdyQAAAJCZKQM4&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZJwdyQAAAJCZKQM4&img=1&__user_check__=1&sync_id=8c7db07b-15a9-11ee-b89a-17819dd40207

43 B
548 B

186ms
186ms

Image
image/gif

103.71.26.125
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZJwdyQAAAJCZKQM4&img=1&__user_check__=1&sync_id=8c7db07b-15a9-11ee-b89a-17819dd40207
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: HTTP/1.1
Server: 103.71.26.125 , Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 11:47:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 83
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 28 Jun 2023 11:47:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=ZJwdyQAAAJCZKQM4&img=1&__user_check__=1&sync_id=8c7db07b-15a9-11ee-b89a-17819dd40207
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 5
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 5410
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZJwdyQAAAJCZKQM4&t=2592000&o=0

43 B
686 B

371ms
370ms

Image
image/gif

157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZJwdyQAAAJCZKQM4&t=2592000&o=0

Requested by

Protocol

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:47:24 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: public
x-fb-debug: DGcWuCgZdwzpTKgY0kLTQt38bzeXbQ0TsEx5Nix67QVYrVjpymwI8haokxWE6MaD0jYi1qPJjS/uYj1z3wmAgA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Wed, 28 Jun 2023 04:47:24 PDT

Redirect headers

x-served-by: cache-bfi-krnt7300101-BFI
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1687952844.739219,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZJwdyQAAAJCZKQM4&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 202A 427 KB
172 KB 1161ms
187ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

02ca49fda602d411bc21fbfa941871cd8944352e3ffb6b289b4f86eb1849a6c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscriptions.geelongadvertiser.com.au/
Origin: https://subscriptions.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 10:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175191
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 10:31:40 GMT

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame 5410 43 B
412 B 1034ms
265ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 34
date: Wed, 28 Jun 2023 11:47:24 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 32877
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-bfi-kbfi7400061-BFI
pragma: no-cache
server: nginx
x-timer: S1687952845.598947,VS0,VE34
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 0
sync.1rx.io/usersync/adobe/ Frame 5410 0
99 B 705ms
231ms Image
text/plain 74.118.186.107
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.107 , Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:24 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame CA69 4 KB
2 KB 569ms
186ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 02:14:05 GMT
Content-Encoding: gzip
Via: 1.1 9a5938d4350356dbc5967e5d8ef5ba48.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-C1
Age: 34400
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 7PzxaAH_SLAG5fw11fM_XZdo8CSiftzEt1pqaqVzAd_NkuRgABA2mw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame BF9A 140 KB
54 KB 864ms
188ms Script
application/javascript 172.253.118.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-842662438

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

deb8e659e4468305cfdc5f388ae740ee96c5177f5b2ed866dc0bdf94b2d694f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54966
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jun 2023 11:47:24 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 0FB7 4 KB
2 KB 662ms
208ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 02:14:05 GMT
Content-Encoding: gzip
Via: 1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-C1
Age: 34400
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: X8-bGxtz6_vyQ8e6ZFWs9ipX2_BoGvdOJmGEkUnshfQbTU4It-sM2A==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 6E31 9 KB
4 KB 1088ms
216ms Script
application/javascript 104.91.76.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium&nk=e1bea05af7b4d964054353420f5f93aa-1687952834
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.91.76.188 Tseung Kwan O, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-76-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Unused62: 8096267
Date: Wed, 28 Jun 2023 11:47:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 3340
Expires: Thu, 29 Jun 2023 11:47:26 GMT

GET
H2

200

activityi;dc_pre=CM6rw63y5f8CFQV_fQodd1cNzQ;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89 Show response
8228261.fls.doubleclick.net/ Frame 4A40
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CM6rw63y5f8CFQV_fQodd1cNzQ;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=803266378249...

401 B
333 B

196ms
195ms

Document
text/html

74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CM6rw63y5f8CFQV_fQodd1cNzQ;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

cafe /

Resource Hash

1d1a084d2feaa3d9d3ea2f96fb23c1f84b90d1e65d56356877f947286c44d1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 224
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:47:24 GMT
expires: Wed, 28 Jun 2023 11:47:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:47:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CM6rw63y5f8CFQV_fQodd1cNzQ;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CLy_w63y5f8CFRQpcgodjxEDgQ;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826 Show response
8228261.fls.doubleclick.net/ Frame 1D01
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLy_w63y5f8CFRQpcgodjxEDgQ;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=313334615536...

403 B
295 B

206ms
205ms

Document
text/html

74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CLy_w63y5f8CFRQpcgodjxEDgQ;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

cafe /

Resource Hash

3faaab595e0e1e41665c9f392193993c0be10fcfa000dca71d1bacb6dd54362a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:47:24 GMT
expires: Wed, 28 Jun 2023 11:47:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:47:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLy_w63y5f8CFRQpcgodjxEDgQ;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CMe3w63y5f8CFUMEgwMdwnEJRw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052 Show response
8228261.fls.doubleclick.net/ Frame A84C
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMe3w63y5f8CFUMEgwMdwnEJRw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=611893530108...

402 B
290 B

196ms
196ms

Document
text/html

74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CMe3w63y5f8CFUMEgwMdwnEJRw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

cafe /

Resource Hash

96c19c2c5f0ca8019b256c51bcd14fa57d351aa31621b5bcc22e74f20b440ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 224
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:47:24 GMT
expires: Wed, 28 Jun 2023 11:47:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:47:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMe3w63y5f8CFUMEgwMdwnEJRw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame F0A8
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:sn89jzz&fmt=3
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vlKTANZE2uI0B2gw6Pd4TeJQOBQfVU4-~A&gdpr=0

70 B
663 B

96ms
96ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vlKTANZE2uI0B2gw6Pd4TeJQOBQfVU4-~A&gdpr=0
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-vlKTANZE2uI0B2gw6Pd4TeJQOBQfVU4-~A&gdpr=0
date: Wed, 28 Jun 2023 11:47:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 632B
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:dc3lunr&fmt=3
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzI4ZGFhOGQtOWJhYy00ZjMzLWJlYzktMWExNjI1MGI0NjI5&gdpr=0&gdpr_consent=&ttd_tdid=328daa8d-9bac-4f33-bec9-1a162...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=328daa8d-9bac-4f33-bec9-1a16250b4629&google_gid=CAESEAR3k1Ohlg1eNOsRFttoSBo&google_cver=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0

70 B
663 B

95ms
95ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0
date: Wed, 28 Jun 2023 11:47:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 9FA5
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=xmwilhl&ct=0:nrubs1l&fmt=3
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0

70 B
663 B

97ms
96ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3zFQLmdE2uKnJiZ4FZtSuLUFTPZiBYY-~A&gdpr=0
date: Wed, 28 Jun 2023 11:47:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame E653
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=xmwilhl&ct=0:nucu8f9&fmt=3
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MzI4ZGFhOGQtOWJhYy00ZjMzLWJlYzktMWExNjI1MGI0NjI5&gdpr=0&gdpr_consent=&ttd_tdid=328daa8d-9bac-4f33-bec9-1a162...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=328daa8d-9bac-4f33-bec9-1a16250b4629&google_gid=CAESEAR3k1Ohlg1eNOsRFttoSBo&google_cver=1
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=328daa8d-9bac-4f33-bec9-1a16250b4629&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=328daa8d-9bac-4f33-bec9-1a16250b4629&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fUC8TAZE2uLEAr9M.OD8DyA4mPbmkGw-~A&gdpr=0

70 B
663 B

96ms
95ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fUC8TAZE2uLEAr9M.OD8DyA4mPbmkGw-~A&gdpr=0
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-fUC8TAZE2uLEAr9M.OD8DyA4mPbmkGw-~A&gdpr=0
date: Wed, 28 Jun 2023 11:47:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
1 KB 713ms
257ms Image
application/javascript 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1050017&seg=15376868&t=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:47:24 GMT
AN-X-Request-Uuid: 28b17450-7a7c-4eec-8f60-1d9185d82761
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 66.203.112.162; 66.203.112.162; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
1 KB 699ms
243ms Image
application/javascript 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1050013&seg=15376754&t=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:47:24 GMT
AN-X-Request-Uuid: 87b46182-99c6-48d2-88fd-ce9b76fb35ac
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 66.203.112.162; 66.203.112.162; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
1 KB 727ms
244ms Image
application/javascript 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1050012&seg=15376743&t=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 11:47:24 GMT
AN-X-Request-Uuid: d9e8250d-78e5-4029-b688-8d30e013eac7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 66.203.112.162; 66.203.112.162; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ 44 B
597 B 189ms
188ms Image
image/gif 54.251.134.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b12_subscribe_S&asn=subscribe&fp_id=5yj4vtwllakmaatokzif9vws9a3ha1687952842&fp_cr_tm=1687952842685&fp_acc_tm=1687952842685&fp_emm_tm=1687952842685&ve_id=&sessionId=mhpyayiqn1hzo3n7ehl5rdesuwt9v1687952842&prv=1&c6=vc,b12&ca=NA&c13=asid,P9639CC51-2F11-48E8-B888-393496680A12&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,ighiv4uecglgemnfnfhdugxrcfo8p1687952842&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16879528426822255&c30=bldv,6.0.0.663&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1687952840912&c3=st,c&c64=starttm,1687952844&adid=1687952840912&c58=isLive,false&c59=sesid,&c61=createtm,1687952843&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&c66=mediaurl,&sdd=&c62=sendTime,1687952843&rnd=292090
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.251.134.114 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-134-114.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:24 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H/1.1 200
OK tme
lm.serving-sys.com/lm/ 0
194 B 2352ms
337ms Ping
text/plain 3.123.99.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/tme
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.99.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-99-39.eu-central-1.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

POST
H/1.1 200
OK tme
lm.serving-sys.com/lm/ 0
194 B 2342ms
337ms Ping
text/plain 3.123.99.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/tme
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.99.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-99-39.eu-central-1.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

POST
H/1.1 200
OK tme
lm.serving-sys.com/lm/ 0
194 B 2332ms
339ms Ping
text/plain 3.123.99.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/tme
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.99.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-99-39.eu-central-1.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 dc_pre=CM6rw63y5f8CFQV_fQodd1cNzQ;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89
adservice.google.com/ddm/fls/z/ Frame 4A40 42 B
262 B 195ms
195ms Image
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM6rw63y5f8CFQV_fQodd1cNzQ;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CM6rw63y5f8CFQV_fQodd1cNzQ;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8032663782496.89?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMe3w63y5f8CFUMEgwMdwnEJRw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052
adservice.google.com/ddm/fls/z/ Frame A84C 42 B
107 B 195ms
194ms Image
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMe3w63y5f8CFUMEgwMdwnEJRw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMe3w63y5f8CFUMEgwMdwnEJRw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6118935301084.052?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLy_w63y5f8CFRQpcgodjxEDgQ;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826
adservice.google.com/ddm/fls/z/ Frame 1D01 42 B
107 B 196ms
196ms Image
image/gif 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLy_w63y5f8CFRQpcgodjxEDgQ;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLy_w63y5f8CFRQpcgodjxEDgQ;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3133346155361.6826?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 84DD 200 B
1 KB 190ms
190ms Document
text/html 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1093
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:29:13 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 22 Jun 2023 20:03:59 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
x-amz-cf-id: w8efwogs9FO2MkrO0VjhTPuQL70xkk2pNaQxA9B1VOVqnHV03mNETQ==
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame EEBB 739 B
1 KB 97ms
97ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=xmwilhl&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&upid=gwdsao6&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 3117f886ee7e030abec55266626334fcfc2002ba7b1900fcf85e894221c53c09

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:47:24 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame E56A 739 B
1 KB 98ms
98ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&upid=3ausds4&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 556115c220536b998090f70c07390467cbffaa278c7559f282bf0e59ec847585

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:47:25 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame EEBB 487 B
963 B 237ms
236ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=xmwilhl&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&upid=gwdsao6&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 00:07:47 GMT
Via: 1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-C1
Age: 41979
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: e_GxFqyw_wH6W2Q8BEgel3bQpQ7yF_L7jYLI_GUaVkQB7iidDquJOw==

GET
DATA 200
OK truncated
/ Frame 202A 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88641804179ca6d14134f9c4ae904f672f24af374aee53e4026a2cc3bc722836

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame E56A 487 B
963 B 186ms
185ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&upid=3ausds4&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 00:07:47 GMT
Via: 1.1 9a5938d4350356dbc5967e5d8ef5ba48.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-C1
Age: 41979
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: OJ5RPzlqgXJ0leY-hNfT5js_g0lp1UDVRnYq0RHMWyDExBVHF_i2tA==

GET
H2 200 s18666174879482 Show response
metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/ 5 KB
5 KB 258ms
257ms Script
application/x-javascript 63.140.36.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/s18666174879482?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=28%2F5%2F2023%2011%3A47%3A25%203%200&cid.&newsnkidcookie.&id=e1bea05af7b4d964054353420f5f93aa&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=e1bea05af7b4d964054353420f5f93aa&mid=21896492169389091721179276958315256729&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=ga%7Csops%7Cshopfront%7Cbreach%2Bshopfront&g=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Da&cc=AUD&events=event8%2Cevent19&v1=news%20corp%20au&v2=geelong%20advertiser&v3=geelong%20advertiser%20web&v4=sops&v5=subscription&v6=customer%20details&v9=breach%2Bshopfront&v10=D%3DpageName&v11=D%3Dvid&v14=anonymous&v22=9%3A47%20PM%7CWednesday&v24=New&v34=D%3Dg&v38=GA_SDO_P0423A_W04&v77=D%3Dmid&v125=gp&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=nonymous%26mode%3Dpremium&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&lrt=948&AQE=1

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.148 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-148.data.adobedc.net

Software

jag /

Resource Hash

5a9a77da5152f63f9aea052ca77c790d23881b0500af3e0857866faa3ebcb2c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-aam-tid: x5U0GOPPRX4=
date: Wed, 28 Jun 2023 11:47:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4959
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-1-v045-03a034575.edge-usw2.demdex.com 5 ms
pragma: no-cache
last-modified: Thu, 29 Jun 2023 11:47:25 GMT
server: jag
etag: 3624851134446206976-4619804441284769842
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 27 Jun 2023 11:47:25 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 6E31 42 B
349 B 241ms
241ms Image
image/gif 104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1687952845087&v=0.0.20&u=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&r=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&st=1687952845086&et=1687952845087&if=1
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&memtype=anonymous&mode=premium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 11:47:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 66.203.112.162; 66.203.112.162; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842662438/ Frame BF9A 4 KB
2 KB 1042ms
368ms Script
text/javascript 74.125.130.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842662438/?random=1687952845117&cv=11&fst=1687952845117&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&hn=www.googleadservices.com&frm=1&auid=2119483805.1687952845&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-842662438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f155.1e100.net

Software

cafe /

Resource Hash

7798308e27b83fa0b018b2e2e36f2f0cde548e158fb05e98b978de93fe3a8a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1459
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/842662438/ Frame BF9A 3 KB
2 KB 193ms
192ms Script
text/javascript 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/842662438/?random=1687952845131&cv=11&fst=1687952845131&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&label=Uj4dCI_J9NgBEKaE6JED&hn=www.googleadservices.com&frm=1&gtm_ee=1&auid=2119483805.1687952845&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-842662438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

cafe /

Resource Hash

7afbd34fd81f78a0d2822c9d8696deae8111189748b42f215e97d72b8d9711e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1703
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 84DD 631 B
998 B 190ms
189ms Script
text/javascript 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:05:23 GMT
x-content-type-options: nosniff
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
age: 2523
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 631
last-modified: Fri, 23 Jun 2023 21:23:02 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: oKNQ9Jc4BmphTiW0cbPjZx-8KigA3r5iQdU4ePyaxKTx_e6h-9n27g==

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame FF45
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

70 B
663 B

96ms
95ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 28 Jun 2023 11:47:26 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 11:47:26 GMT
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server: nginx

GET
H/1.1 200
OK rum Show response
dsum-sec.casalemedia.com/ Frame 6913 43 B
632 B 295ms
295ms Document
image/gif 139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expiration=1690544845&gdpr=0&gdpr_consent=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Jun 2023 11:47:25 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 87DC
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

70 B
663 B

95ms
95ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 28 Jun 2023 11:47:26 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 11:47:26 GMT
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server: nginx

GET
H/1.1 200
OK rum Show response
dsum-sec.casalemedia.com/ Frame F75F 43 B
632 B 294ms
294ms Document
image/gif 139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=328daa8d-9bac-4f33-bec9-1a16250b4629&expiration=1690544844&gdpr=0&gdpr_consent=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 28 Jun 2023 11:47:25 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

POST
H2 200 csp-report
q.stripe.com/ Frame 84DD 0
717 B 248ms
246ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952845450769
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1687952845450494
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 84DD 0
717 B 250ms
249ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952845450885
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1687952845450608
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0852 930 B
1 KB 1047ms
243ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 94
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 11:47:26 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 18
x-content-type-options: nosniff
x-request-id: 1b6df343-1ba1-4eb7-af22-a8647a2824ec
x-served-by: cache-bfi-krnt7300102-BFI
x-timer: S1687952846.254386,VS0,VE0

GET
H2

200

/
www.google.com.au/pagead/1p-conversion/842662438/ Frame BF9A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842662438/?random=71926282&cv=11&fst=1687952845131&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ge...
https://www.google.com/pagead/1p-conversion/842662438/?random=71926282&cv=11&fst=1687952845131&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.a...
https://www.google.com.au/pagead/1p-conversion/842662438/?random=71926282&cv=11&fst=1687952845131&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.co...

42 B
108 B

816ms
197ms

Image
image/gif

74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/842662438/?random=71926282&cv=11&fst=1687952845131&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&label=Uj4dCI_J9NgBEKaE6JED&hn=www.googleadservices.com&frm=1&gtm_ee=1&auid=2119483805.1687952845&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExUdnBBWVE5LWViX05UNC1kMDZFaVlBNHJtaHd4OWpjQV9GekNfOGdUdEl2Yk9SZUNvX1VwTnpjSFViT19EblZXbnd5Y2RCRVEaWkNoRUk4TFR2cEFZUW4tX1gwT1RuNEtiM0FSSXVBT0JVVU1LU2FWcHZBai14X19PdGRxYjJPWDduek5QX29VV2paN1BYVFkxUU1YN2lYMEc0bjBScThrMUs2dyITCJGS863y5f8CFSEI1QodtZEIwA&is_vtc=1&ocp_id=zR2cZNH3DaGQ1Aa1o6KADA&cid=CAQSKQBygQiDU8tXNYhJBq5HKcwKM-vFTffDeTPsfscmCRx7De6CuEGNr4VQ&random=337069118&ipr=y&ezwbk=AZuM4hAe7yVdlBR0T6UZIjdeY16uUg-ErD_JbARoY-_5eA4B770wnHdRd2XVP4-T_BXxgVBlLqhaP7Ra3lTbipN-XGyP

Requested by

Protocol

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-conversion/842662438/?random=71926282&cv=11&fst=1687952845131&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&label=Uj4dCI_J9NgBEKaE6JED&hn=www.googleadservices.com&frm=1&gtm_ee=1&auid=2119483805.1687952845&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOExUdnBBWVE5LWViX05UNC1kMDZFaVlBNHJtaHd4OWpjQV9GekNfOGdUdEl2Yk9SZUNvX1VwTnpjSFViT19EblZXbnd5Y2RCRVEaWkNoRUk4TFR2cEFZUW4tX1gwT1RuNEtiM0FSSXVBT0JVVU1LU2FWcHZBai14X19PdGRxYjJPWDduek5QX29VV2paN1BYVFkxUU1YN2lYMEc0bjBScThrMUs2dyITCJGS863y5f8CFSEI1QodtZEIwA&is_vtc=1&ocp_id=zR2cZNH3DaGQ1Aa1o6KADA&cid=CAQSKQBygQiDU8tXNYhJBq5HKcwKM-vFTffDeTPsfscmCRx7De6CuEGNr4VQ&random=337069118&ipr=y&ezwbk=AZuM4hAe7yVdlBR0T6UZIjdeY16uUg-ErD_JbARoY-_5eA4B770wnHdRd2XVP4-T_BXxgVBlLqhaP7Ra3lTbipN-XGyP
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 202A 520 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 698b75b34c376b73b97acf42f0ec14f3554b420e658c4fe98d87721e4b5f7d8a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 202A 466 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Charter_Bold.woff2
subscriptions.news.com.au/media/fonts/Charter/ Frame 202A 11 KB
11 KB 562ms
187ms Font
binary/octet-stream 13.35.8.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter_Bold.woff2
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-115.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45a844d6787e4364f8c0ab321b2d5680d48604886d045685b6bf9c582518db9d

Request headers

Referer: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Origin: https://subscriptions.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 1b6Z9wm5mjr_.l.HoLoCCXx3v3T_1CSx
date: Wed, 28 Jun 2023 04:32:35 GMT
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 26091
x-cache: Hit from cloudfront
content-length: 11024
last-modified: Wed, 23 Sep 2020 08:43:11 GMT
server: AmazonS3
etag: "d7b524ce6a47a156d5f7767297b358f7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: ZdBIrH59CbqQ1LjlSLaY9xbqvW3usLlolE5owK5WnuTIgvxXjqD4cw==

GET SourceSansPro-Regular.woff2
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 202A 0
0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4ED5 50 KB
28 KB 199ms
199ms Document
text/html 74.125.24.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmdlZWxvbmdhZHZlcnRpc2VyLmNvbS5hdTo0NDM.&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=mf7rlp421dgh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f147.1e100.net

Software

GSE /

Resource Hash

f3c275c2ca612847cc260ed5b7d0374b04980aae469d13d21d56a2f12935915e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rafD2NfDCSKfugTZFY-Png' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subscriptions.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28100
content-security-policy: script-src 'report-sample' 'nonce-rafD2NfDCSKfugTZFY-Png' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:47:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 4ED5 55 KB
24 KB 188ms
187ms Stylesheet
text/css 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmdlZWxvbmdhZHZlcnRpc2VyLmNvbS5hdTo0NDM.&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=mf7rlp421dgh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 22:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 22:15:04 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 4ED5 427 KB
171 KB 202ms
202ms Script
text/javascript 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

02ca49fda602d411bc21fbfa941871cd8944352e3ffb6b289b4f86eb1849a6c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 10:31:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175191
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 10:31:40 GMT

GET
H2 200 SourceSansPro-Regular.woff
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 202A 122 KB
122 KB 344ms
344ms Font
application/font-woff 13.35.8.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-115.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16195932a322941f8ab596cd871ea6711727114816604b7b3b9cef6151e116b4

Request headers

Referer: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Origin: https://subscriptions.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: hyTeiSdiLXMTlxtBmXSWjZcOot_pN2JS
date: Tue, 27 Jun 2023 14:12:40 GMT
via: 1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 77687
x-cache: Hit from cloudfront
content-length: 124500
last-modified: Wed, 23 Sep 2020 08:43:40 GMT
server: AmazonS3
etag: "81daed0d0e384a1a42f4a73fc5ccf759"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: T2KXU6bFqGO-i-K5I8mKXFq3ObOpUcxr6GiD-7mpbRBuZZpW6SFUTg==

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4ED5 2 KB
2 KB 187ms
185ms Image
image/png 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 22:44:55 GMT
x-content-type-options: nosniff
age: 392551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 30 Jun 2023 22:44:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4ED5 15 KB
16 KB 654ms
186ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:13:28 GMT
x-content-type-options: nosniff
age: 344038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 12:13:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4ED5 15 KB
15 KB 700ms
232ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 08:25:20 GMT
x-content-type-options: nosniff
age: 98526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 08:25:20 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4ED5 102 B
203 B 195ms
195ms Other
text/javascript 74.125.24.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f147.1e100.net

Software

GSE /

Resource Hash

7cdd1ac485682bdbec3acd13ad2f7121dc33a37c8b1b9e295dccf11cab871a0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmdlZWxvbmdhZHZlcnRpc2VyLmNvbS5hdTo0NDM.&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=mf7rlp421dgh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 28 Jun 2023 11:47:26 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/842662438/ Frame BF9A 42 B
108 B 198ms
197ms Image
image/gif 74.125.24.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842662438/?random=1687952845117&cv=11&fst=1687950000000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3928419340&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/842662438/ Frame BF9A 42 B
455 B 866ms
192ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/842662438/?random=1687952845117&cv=11&fst=1687950000000&bg=ffffff&guid=ON&async=1&gtm=45be36q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3928419340&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 11:47:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 0852 0
491 B 248ms
247ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 28 Jun 2023 11:47:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952846508577
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1687952846506935
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0852 86 KB
15 KB 243ms
243ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:47:26 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 217
x-cache: HIT
content-length: 15407
x-request-id: 885b93c1-ea5b-4912-b732-92caae5a538a
x-served-by: cache-bfi-krnt7300102-BFI
server: Fastly
x-timer: S1687952847.504950,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 29

POST
H2 200 6 Show response
m.stripe.com/ Frame 0852 156 B
670 B 752ms
251ms XHR
application/json 44.239.151.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.151.24 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-151-24.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

593e9612054367224eea5e12ce8c87abed9d9b436501cc4201fea25d2dc7a365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 28 Jun 2023 11:47:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952847340790
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1687952847340230
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 878ms
201ms XHR
application/json 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

19755681fae47762ea6d328b9e59f7d76ade2bcc7868316fed78f9fea48ffcc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11388
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 884E 0
273 B 247ms
247ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-80a7ba695fc9e1b270b8af55ac699fea.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 28 Jun 2023 11:47:27 GMT
x-stripe-server-envoy-start-time-us: 1687952847179363
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1687952847178978
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 0852 156 B
669 B 250ms
250ms XHR
application/json 44.239.151.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.151.24 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-151-24.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

593e9612054367224eea5e12ce8c87abed9d9b436501cc4201fea25d2dc7a365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 28 Jun 2023 11:47:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952847606196
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1687952847605916
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 0852 156 B
669 B 299ms
299ms XHR
application/json 44.239.151.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.151.24 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-151-24.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

593e9612054367224eea5e12ce8c87abed9d9b436501cc4201fea25d2dc7a365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 28 Jun 2023 11:47:27 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1687952847657033
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1687952847656621
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 lookuplist Show response
au.audience.newscgp.com/ 108 B
480 B 668ms
285ms XHR
application/json 13.35.8.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=e1bea05af7b4d964054353420f5f93aa&&bust=16879528479010.48178851698298897&errors-in-body=1
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-63.sin5.r.cloudfront.net
Software: nginx /
Resource Hash: 08c0a1e462373865cc3d104b0cac71c327a72db77984809655c514fdf1771a3f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:28 GMT
via: 1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 108
x-amz-cf-id: yiu5B-zg7X6Pcig7kFkHVjtkQ7E-QlDWH1bnp8j6Ac8BEmX1jrrLBw==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 865ms
188ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 11:47:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9240 13 KB
5 KB 186ms
186ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 150164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 18:04:44 GMT
expires: Tue, 25 Jun 2024 18:04:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E22C 783 B
765 B 190ms
189ms Document
text/html 74.125.24.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f147.1e100.net

Software

GSE /

Resource Hash

3963c5d144a5b0fd53f43272b8712feced41d030eb4c6aa4a5c57b002ac1b4e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D8KORSd_1owJ6hdKkF-PtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-D8KORSd_1owJ6hdKkF-PtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 11:47:28 GMT
expires: Wed, 28 Jun 2023 11:47:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E22C 0
0 1199ms
224ms Image
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=2132402580215861&rc=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9240 37 KB
15 KB 1159ms
186ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 04:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 04:07:53 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 9240 0
40 B 185ms
185ms Image
text/plain 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?j2bVMQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:47:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 189ms
189ms Image
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=2132402580215861&bg=!JSalJnLNAAYQ3eRoMN07ADkAdvg8WtUZJROErRVg6yIQoye1prtPKaMbbDlTfdb7rxd9fjLdbs_cc2DfXogwlEXg_NdZF3iFnVkCAAAAY1IAAAACaAEHmQKlC3CZA-y8Oib7PdDfLAAVDN3QwMNDKnF5fLJ6jmcdRbpkFm3hJKzdfT_M8F7AUa4YsNSN3LprO7dn-gSDXfg9z63WI2IwSX2a17Zx6H95E1oEAEGgE6RxlymQaDHm6sfl7e4h7eStDx8b0YUkeEWgWP0zMvppa3TEfO8ClN6NEvScSbZsBS-O70t1lF0bn2cKA9r6t9WIFXsyLHE1b3wBBbYgT9xW35jC6TIP4MPL_pwvUUZM72KhTQ7ytwCrnUGAoWiTSO_nMW6HHQhllgbtLnWO1M6miOGcC1HGsYc9k45ZSDeiMkA6vcSNHQqNuqZeOdcjmXhlHcuub_bHF7tJo1dJWqpcttoZRolL2N0nLWIaTbTfu4woBGr5pmnvqJqTa4sK6dKReMjcnJFoxR24KcaEgX7qxYqaCf95YAFbg8dAPr-r3IEtb29HsudbpdWLtl9o4pAcvamlPNBDfKrDubyftyIFvcTIspvedGUyPtrML873HO-MhjXjxAsxhs-0r4RLQnwtr0B-PaEguDwRzVeH-2bv6Z5AnqDUspWYq6cFmTXSu0tv4toApGppYDeIEwILnrptw3C3DihLGJqsIdd4RuM0yoyyeO6tj5maG3DeISQhxNB-Vxpjfn6hUhFEeFF4P9WQ6S9PqlsAY-tjiwo0PPRz92KYH_RkL0H7_t3QlA5ChBtk_bVT1TshQ7Li-K4kfWRl9-wHClfJidUzKGd7Xnsypev5uSlUkImKAX4geLr5olWetSCIK5FZpFLxy1n8_DCBA9WRfrGbxYA2OZNunZWT_HyWSwp-K2ih2OMJFyVR7cW3KpmEzkiD2qjee4LgbxeYxF5iglwqcAsomxPhPDkEd5tAloKg-dKpmpeuiRcSXTdDUi106tr5aQJG7dQcRDU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
663 B 190ms
190ms Script
text/javascript 13.227.254.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

13.227.254.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-117.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 28 Jun 2023 11:03:58 GMT
x-content-type-options: nosniff
via: 1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
age: 2621
x-amz-cf-pop: SIN52-C3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 295
last-modified: Thu, 22 Jun 2023 20:03:59 GMT
server: Cloudfront
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: sIqndyryE_m9l2hg_3MdvDVIdJ6ZT4I90KfGk2UCKS9V1tXJiZHnUQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 287ms
287ms Image
image/gif 34.195.37.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=newspaywall.com.au&p=%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%3A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&u=n0k6SBYfQLL70X3&d=geelongadvertiser.com.au&g=36976&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=3014&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Fnews%252Fgeelong%252Fthomas-hoogstra-pleads-guilty-to-hacking-offences%252Fnews-story%252Fbdfd570557412730e7c5b3fd534d388e%26memtype%3Danonymous%26mode%3Dpremium&b=12138&t=DZ3aG6uyh2X4vzKYT21f0Cn-zLI&V=140&tz=0&sn=2&sv=Bit-AvwM4POBZBBImCb7Q2tBYShsV&sd=1&im=0e03041a&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.37.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-37-97.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 11:47:38 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/13/3ef653f0

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/vQ8OudVfXNsH/ly/0vuPz-3oIw/EDkYfmLSQL/R3weTgo7RAE/LT1OO2pt/Nkc

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/_sec/cp_challenge/sec-3-10.css

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/_sec/cp_challenge/sec-cpt-3-10.js

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/13/3ef653f0

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/vQ8OudVfXNsH/ly/0vuPz-3oIw/EDkYfmLSQL/R3weTgo7RAE/LT1OO2pt/Nkc

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/_sec/cp_challenge/sec-3-10.css

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/_sec/cp_challenge/sec-cpt-3-10.js

Domain: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

81 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geelongadvertiser.com.au/news/geelong/thomas-hoogstra-pleads-guilty-to-hacking-offences/news-story	1970-01-20 21:38:08	Name: nk Value: e1bea05af7b4d964054353420f5f93aa
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
.news.com.au/	1970-01-20 22:28:32	Name: nk Value: e1bea05af7b4d964054353420f5f93aa
www.geelongadvertiser.com.au/	1970-01-20 13:02:37	Name: AWSALB Value: R91xL3NuoHw+wJpuJCzO0/Tjk3GM9T6HzROEp9iDTLJfSGyFTBcHVoa4V0AnaL+14to6AWxKslLTakdCrbJ0MqQ6+1TMd9BV3jQa9+UZR8iPtykODDmO5zxOOOaq
www.geelongadvertiser.com.au/	1970-01-20 13:02:37	Name: AWSALBCORS Value: R91xL3NuoHw+wJpuJCzO0/Tjk3GM9T6HzROEp9iDTLJfSGyFTBcHVoa4V0AnaL+14to6AWxKslLTakdCrbJ0MqQ6+1TMd9BV3jQa9+UZR8iPtykODDmO5zxOOOaq
.geelongadvertiser.com.au/	1970-01-20 22:28:32	Name: nk Value: e1bea05af7b4d964054353420f5f93aa
.geelongadvertiser.com.au/	1970-01-20 22:28:32	Name: nk_debug Value: nk_not_set
.geelongadvertiser.com.au/	1970-01-20 22:28:32	Name: nk_ts Value: 1687952834
.geelongadvertiser.com.au/	1970-01-20 17:11:44	Name: optimizelyEndUserId Value: oeu1687952837495r0.7305214116523824
login.newscorpaustralia.com/	1970-01-20 21:38:30	Name: did Value: s%3Av0%3A88f073a0-15a9-11ee-9e5d-1fa01c2b2e1a.ggYLMEUstcPouX4BOjepKvGy9DFalQX%2B%2FyouyBEwrgs
.geelongadvertiser.com.au/	1970-01-20 21:38:08	Name: utag_main Value: v_id:018901d4519900899df5eaf14b2003074011406c00b08$_sn:1$_se:1$_ss:1$_st:1687954639067$ses_id:1687952839067%3Bexp-session$_pn:1%3Bexp-session
.demdex.net/	1970-01-20 17:11:44	Name: demdex Value: 21920557572790878541176898971991034499
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
.geelongadvertiser.com.au/	1970-01-20 12:52:34	Name: _ncg_sp_ses.a59a Value: *
.geelongadvertiser.com.au/	1970-01-20 12:52:34	Name: s_tbm Value: true
.geelongadvertiser.com.au/	1970-01-20 12:52:34	Name: s_inv Value: 0
.geelongadvertiser.com.au/	1970-01-20 12:52:34	Name: s_ppn Value: ga%7Csops%7Cshopfront%7Cbreach%2Bshopfront
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: ga%257Csops%257Cshopfront%257Cbreach%252Bshopfront%2C40%2C40%2C1200%2C1%2C2
.google.com/	1970-01-20 17:16:04	Name: NID Value: 511=MCQ-xtNKuBofZRMqp8mDggT1vnxO4dADExTprdXH7UYbUNqytJrRJZlOw0nrjNqofYU8BKQT--1ozrkFtznJR_S1mAMPOB-YbOtnOxrItnFD8euF4kq1EaMnE1-Z0pPRlPwtGu_AZuI6Oy7gnGbdgyzUUA6lYnLwHHzTqagsBIE
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 21:38:08	Name: everest_g_v2 Value: g_surferid~ZJwdyQAAAJCZKQM4
.geelongadvertiser.com.au/	1970-01-20 22:14:08	Name: __gads Value: ID=395ed5524aaf262d:T=1687952842:RT=1687952842:S=ALNI_MY6L4neD1NyjudeytmvrgqTbVyVJw
.geelongadvertiser.com.au/	1970-01-20 22:14:08	Name: __gpi Value: UID=00000c1acc4e60fb:T=1687952842:RT=1687952842:S=ALNI_Mbi0YQlsS0QzL_dMhZcN9gHxwKjjA
.dpm.demdex.net/	1970-01-20 17:11:44	Name: dpm Value: 21920557572790878541176898971991034499
.geelongadvertiser.com.au/	1970-01-20 22:28:32	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: 77933605%7CMCIDTS%7C19537%7CMCMID%7C21896492169389091721179276958315256729%7CMCAAMLH-1688557641%7C9%7CMCAAMB-1688557641%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1687960041s%7CNONE%7CMCAID%7CNONE%7CMCCIDH%7C-4362461%7CMCSYNCSOP%7C411-19544%7CvVersion%7C4.5.1
.adnxs.com/	1970-01-20 15:02:08	Name: uuid2 Value: 1775817129186315206
.adsrvr.org/	1970-01-20 21:39:35	Name: TDID Value: 328daa8d-9bac-4f33-bec9-1a16250b4629
.dotmetrics.net/	1970-01-20 21:38:08	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 21:38:08	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=c2b60059-29cc-410d-8207-5cd0493c5fb0&Created=06/28/2023 11:47:22&UserMode=0&guid=ea1ebfb0-64f5-4a6c-be2d-f334aa53d9e5&ver=1
.geelongadvertiser.com.au/	1970-01-20 15:02:08	Name: _fbp Value: fb.2.1687952842604.846425077
.geelongadvertiser.com.au/	1970-01-20 13:35:44	Name: nc_aam_segs Value: asgmnt%3D16675898
.geelongadvertiser.com.au/	1970-01-20 13:35:44	Name: aam_uuid Value: 21920557572790878541176898971991034499
.geelongadvertiser.com.au/	1970-01-20 17:11:44	Name: nol_fpid Value: 5yj4vtwllakmaatokzif9vws9a3ha1687952842\|1687952842685\|1687952842685\|1687952842685
.doubleclick.net/	1970-01-20 22:28:32	Name: IDE Value: AHWqTUk3zgFsvztpuVFiDG1xtA2n8PWh2ahCe1XVZlIH8dZyILdHe-nJvay5NpSFlBc
www.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: DM_SitId1563 Value: 1
www.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: DM_SitId1563SecId13075 Value: 1
.geelongadvertiser.com.au/	1970-01-20 22:28:32	Name: _ncg_sp_id.a59a Value: 270ca4d1-3867-4d7f-961e-3217145ed9e0.1687952842.1.1687952843.1687952842.dfcf9901-0f60-4681-957b-c275c7c10448
.geelongadvertiser.com.au/	1970-01-20 22:21:20	Name: _cb Value: n0k6SBYfQLL70X3
.geelongadvertiser.com.au/	1970-01-20 22:21:20	Name: _chartbeat2 Value: .1687952843095.1687952843095.1.Bit-AvwM4POBZBBImCb7Q2tBYShsV.1
.geelongadvertiser.com.au/	1970-01-20 12:52:34	Name: _cb_svref Value: null
au-script.dotmetrics.net/	1970-01-20 13:02:37	Name: AWSALBCORS Value: AsKphhevJY/1cAdaIg8jxvRmiIAeUMauEb9iSRiXnMFlCH4JQhfDxl8p87TOrXuOHVb/YDB7LfjSBlDxn2tiiYdScqpPpFFjNe24PJ3jXM9eyMd1uzGSikDDEWCz
.newscgp.com/	1970-01-20 21:38:08	Name: sp Value: 5b5741e9-b26e-4985-887b-97df34305217
.eyeota.net/	1970-01-20 21:39:35	Name: mako_uid Value: 18901d461e5-1e51000001085260
.eyeota.net/	1970-01-20 12:52:33	Name: SERVERID Value: 21088~DM
.turn.com/	1970-01-20 17:11:44	Name: uid Value: 3594341751515198353
.casalemedia.com/	1970-01-20 21:38:08	Name: CMID Value: ZJwdywhXlc0Kmpzu0aOMngAA
.casalemedia.com/	1970-01-20 15:02:08	Name: CMPS Value: 4732
.casalemedia.com/	1970-01-20 15:02:08	Name: CMPRO Value: 4732
.imrworldwide.com/	1970-01-20 22:14:08	Name: IMRID Value: 8bcc6a71-15a9-11ee-8798-699c774bab64
.scanscout.com/	1970-01-20 21:38:08	Name: uid Value: CI-aa6893b3e4b67ccc01e56f7090434218
.scanscout.com/	1970-01-20 21:38:08	Name: UIAA Value: 21920557572790878541176898971991034499
.scanscout.com/	1970-01-20 21:38:08	Name: UIXX_UPDT Value: "UIAA=1687952843417"
.rubiconproject.com/	1970-01-20 21:38:08	Name: khaos Value: LJFNJHLI-5-EGUJ
.bluekai.com/	1970-01-20 17:16:04	Name: bku Value: pSL991L57sEcIAx7
.bluekai.com/	1970-01-20 17:16:04	Name: bkpa Value: KJy9CxObd02pSUHknpxpmEQhwtkAwE/hmE/yBEDlBEz0BpAymezTBExh1EztmeATmEzhmEAh1e16BeA8J7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9WDzJ1X=
.demdex.net/	1970-01-20 17:11:44	Name: dextp Value: 358-1-1687952841685\|470-1-1687952841813\|481-1-1687952841940\|771-1-1687952842060\|903-1-1687952842161\|19566-1-1687952842261\|23728-1-1687952842362\|30432-1-1687952842469\|30064-1-1687952842574\|66757-1-1687952842693\|134096-1-1687952842794\|144230-1-1687952842902\|144231-1-1687952843003\|144232-1-1687952843106\|144233-1-1687952843206\|144234-1-1687952843308\|144235-1-1687952843409\|144236-1-1687952843510\|144237-1-1687952843612\|147592-1-1687952843713\|461447-1-1687952843814
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_6630 Value: 1
.serving-sys.com/	1970-01-20 13:35:44	Name: ActivityInfo2 Value: 004tSSDSz0_00452zDSz0_
.serving-sys.com/	1970-01-20 13:35:44	Name: OT2 Value: 0001DC1sTr
.serving-sys.com/	1970-01-20 13:35:44	Name: u2 Value: 2db34170-fa9c-484d-8b66-1f521e2c25424Ng050
.openx.net/	1970-01-20 21:38:08	Name: i Value: 02439944-5ec9-4277-86c3-268222310f8b\|1687952844
.pubmatic.com/	1970-01-20 15:02:08	Name: KRTBCOOKIE_218 Value: 4056-ZJwdyQAAAJCZKQM4&KRTB&22978-ZJwdyQAAAJCZKQM4&KRTB&23194-ZJwdyQAAAJCZKQM4&KRTB&23209-ZJwdyQAAAJCZKQM4
.pubmatic.com/	1970-01-20 13:35:44	Name: PugT Value: 1687952844
.krxd.net/	1970-01-20 17:11:44	Name: _kuid_ Value: PpGmfZMA
.spotxchange.com/	1970-01-20 13:32:52	Name: audience Value: 8c7db041-15a9-11ee-b89a-17819dd40207
.adnxs.com/	1970-01-20 15:02:08	Name: anj Value: dTM7k!M4/8D>6NRF']wIg2C%uvm**u!fss0=Ir4A3KL9D3I?.%1m%v1
.rubiconproject.com/	1970-01-20 21:38:08	Name: audit Value: 1\|ZVlC7qMewyoKKRkoc1pjM+VprEd5C5I71K0W95rAtTD6DZ3dTM5nwR3XWUk79gXcLOpi9Fo157HyUhTWCqUS/Lu8MdjV0SuEzyFos5jYRHpax18/ZOPlGGRUhsADudj5WHyB/7k9u+RLzQUtC5o73b17kSIl/myHoxw3IrM1QdF01qAbJMnMkX2NFdeBSG8D5IYzazhYCkuma+WVcS1g3g==
.geelongadvertiser.com.au/	1970-01-20 13:35:44	Name: s_nr30 Value: 1687952845082-New
.geelongadvertiser.com.au/	1970-01-20 22:28:32	Name: s_tslv Value: 1687952845082
.analytics.yahoo.com/	1970-01-20 21:38:08	Name: IDSYNC Value: 1769~2cgz
.geelongadvertiser.com.au/	1970-01-20 15:02:08	Name: _gcl_au Value: 1.1.2119483805.1687952845
.yahoo.com/	1970-01-20 21:38:30	Name: A3 Value: d=AQABBMwdnGQCEBsxs4Y-AsS41XiOCPEa3gIFEgEBAQFvnWSmZB6kxyMA_eMAAA&S=AQAAAkCi16an8B-8irEw1413j7I
.bidswitch.net/	1970-01-20 21:38:08	Name: c Value: 1687952846
.bidswitch.net/	1970-01-20 21:38:08	Name: tuuid_lu Value: 1687952846
.bidswitch.net/	1970-01-20 21:38:08	Name: tuuid Value: dd26ca5d-49df-44c9-a495-e786ec401dcb
.adsrvr.org/	1970-01-20 21:39:35	Name: TDCPM Value: CAESEgoDYWFtEgsIsuLx--71-zsQBRIVCgZnb29nbGUSCwjcqbON7_X7OxAFEhYKB3J1Ymljb24SCwjcqbON7_X7OxAFEhkKCnJpZ2h0bWVkaWESCwiO3aeS7_X7OxAFEhgKCWJpZHN3aXRjaBILCJTD7JPv9fs7EAUSFQoGY2FzYWxlEgsIlMPsk-_1-zsQBRgFIAMoAzILCJS778CF9vs7EAVCDyINCAESCQoFdGllcjIQAVoHdnJnZXM2bmAB
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: s_tp Value: 3014
m.stripe.com/	1970-01-20 22:28:32	Name: m Value: b0b61645-3e5c-4ac5-90c5-35a9775c58ac88332d
.www.geelongadvertiser.com.au/	1970-01-20 21:38:08	Name: __stripe_mid Value: 66d2d387-1bd0-4472-a59f-fa8f4b9750b6f38505
.www.geelongadvertiser.com.au/	1970-01-20 12:52:34	Name: __stripe_sid Value: a17e6ba4-1946-4341-9864-77429aa0e3c2904df8

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network	error	URL: https://login.newscorpaustralia.com/csp-reports Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
network	error	URL: https://login.newscorpaustralia.com/csp-reports Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID Message: Failed to load resource: the server responded with a status of 500 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	error	URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc#sourceCode=GAWEB_WRE170_a&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fnews%2Fgeelong%2Fthomas-hoogstra-pleads-guilty-to-hacking-offences%2Fnews-story%2Fbdfd570557412730e7c5b3fd534d388e&mode=premium&pkgDef=GA_SDO_P0423A_W04&origin=https%3A%2F%2Fwww.geelongadvertiser.com.au&memType=anonymous&v21=ga-casual-premium-breach-spc Message: Access to font at 'https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2' from origin 'https://subscriptions.geelongadvertiser.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
a20352597942.cdn.optimizely.com
acdn.adnxs.com
adservice.google.com
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
beacon.krxd.net
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.id5-sync.com
cdn.optimizely.com
cdn3.optimizely.com
cm.everesttech.net
cm.g.doubleclick.net
commerceapi.news.com.au
connect.facebook.net
content.api.news
d.turn.com
d8ede64fb0b4059f92faa47208f01578.safeframe.googlesyndication.com
dpm.demdex.net
dsf.newscorpaustralia.com
dsum-sec.casalemedia.com
dt.scanscout.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image5.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
lm.serving-sys.com
login.newscorpaustralia.com
logx.optimizely.com
m.stripe.com
m.stripe.network
match.adsrvr.org
merchant-ui-api.stripe.com
metrics.geelongadvertiser.com.au
mhpyayiqn1hzo3n7ehl5rdesuwt9v1687952842.nuid.imrworldwide.com
ncg.tags.news.com.au
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
pagead2.googlesyndication.com
pay.google.com
ping.chartbeat.net
pixel.rubiconproject.com
pixel.wp.com
play.google.com
ps.eyeota.net
q.stripe.com
r.stripe.com
rm-script.dotmetrics.net
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum.casalemedia.com
static.chartbeat.com
stats.wp.com
subscriptions.geelongadvertiser.com.au
subscriptions.news.com.au
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.geelongadvertiser.com.au
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
login.newscorpaustralia.com
subscriptions.news.com.au
103.71.26.125
104.22.52.86
104.254.150.228
104.254.151.120
104.69.166.9
104.69.168.60
104.83.196.200
104.91.76.188
104.91.76.201
118.215.80.114
13.224.249.23
13.224.249.38
13.227.254.117
13.227.254.68
13.35.16.234
13.35.8.115
13.35.8.63
139.5.84.243
142.250.4.154
142.251.10.154
142.251.12.154
151.101.0.176
151.101.2.49
151.101.65.44
157.240.235.1
157.240.235.35
162.19.138.119
172.217.194.92
172.253.118.138
172.253.118.97
18.141.80.142
18.143.106.89
18.155.68.27
18.155.68.45
184.26.20.144
192.0.66.58
192.0.76.3
199.127.207.180
23.199.76.145
23.56.28.14
3.1.137.229
3.123.99.39
3.219.198.131
34.195.37.97
35.213.12.39
35.244.159.8
42.99.140.187
44.239.151.24
50.116.239.135
52.223.40.198
52.43.206.219
52.84.228.218
52.88.112.86
54.156.85.3
54.179.176.233
54.187.119.242
54.187.159.182
54.192.150.103
54.192.150.56
54.251.134.114
54.255.159.244
54.66.105.184
54.70.49.196
63.140.36.130
63.140.36.148
64.233.170.132
67.199.150.86
69.173.158.64
74.118.186.107
74.125.130.155
74.125.200.157
74.125.24.132
74.125.24.139
74.125.24.147
74.125.24.148
74.125.24.94
74.125.68.94
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
0105add2de786317621e624c9af1b2b1e98b1e855b43f596938ebde82b2e3060
0249dc43fce5c7506ceb11eb153e85e68153186214ca6d86a73c5d4300e2ecc0
02ca49fda602d411bc21fbfa941871cd8944352e3ffb6b289b4f86eb1849a6c5
046302b18b5e0963dac00fc3c90983976ccda694439ba396ad46f3348cf64164
066e3f02735a1b050b4b530000e01009c051d86946593da9febd16a871eb3756
08c0a1e462373865cc3d104b0cac71c327a72db77984809655c514fdf1771a3f
0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590
0b6fb674e2e79f30521887dfe4c7e6b41102a555af24ba5d588535348bc6e3d5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0fc8a6e495e7cd447608aea7e0cd59b0e79bd4e74822d428c53880ac0db6c469
16195932a322941f8ab596cd871ea6711727114816604b7b3b9cef6151e116b4
17246ea215393ee3bdba7cc5399b50dba6e05d9bba09e97b3fdb9d02a3415d37
176a4d7346001286ad894be3cc341bd466f932e48f947c14deddd5ce422ac519
193a0221ed8d8aa20ff5668a30be0fca54a742312793a89a424f89a17e4ba088
19755681fae47762ea6d328b9e59f7d76ade2bcc7868316fed78f9fea48ffcc1
19a0f014c0d3edf26067c94da12902d1d211cbdfbf242cba8112f60163e15e99
1b1c2f524b143bc3a83524f11ad7b02bb7c8caa537ebc46e9ae6aa30c337a7b2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143
1d163cf98f60f11187b2070592f20aae9a224dbf1be20175016cf24ebeabb60b
1d1a084d2feaa3d9d3ea2f96fb23c1f84b90d1e65d56356877f947286c44d1c7
1e3bcc8ce748dbe1031fe24b4f1b97a05c877c2b3d5aae7543f305a45a7e3c73
23986d947e8adcb2664cdf17bebb05193b4303a8b94e313a0ed504cb0dc6a63e
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
26587f7d7f7c842e7b454e054f67972ce7314cf87bee34e4bf57d9780691be25
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
276b5ca3301511662e8cdb8ea08988f59db514c9b91a19f0ae233d36c84abef9
2c92818a99667058511b645d2829349b06e287a27cd0e141c6ed9e5d87ebf1b5
2de22d2cce6ccf2563f2b8f8ebf6840fcb0915a8fbe0d3e88a4321b8d0b6b8ea
2e7532d33d76085f9260e6ec5d9a061d591f5f78de643e5b05c2cc00f8a6209a
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
30d39037d63a65375e36debcdc6fbe1cac4ca8f7a418f05ba9a475474acfaeab
3117f886ee7e030abec55266626334fcfc2002ba7b1900fcf85e894221c53c09
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33
38f8cbb80d5a8a46d1db01f8933a74122429b57173170410ac82861108acc289
3963c5d144a5b0fd53f43272b8712feced41d030eb4c6aa4a5c57b002ac1b4e9
3cb89ebea6527df59287bc5d00d249d32042594d113a62049185b76945a6e959
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3faaab595e0e1e41665c9f392193993c0be10fcfa000dca71d1bacb6dd54362a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443e120db57ab3dfcd9c87b05caf487840d2629f175dd8fd53d26718a5dae940
45926764db4788195674cd6861fa93454383325a3b60ff0c6780774512d8d812
45a844d6787e4364f8c0ab321b2d5680d48604886d045685b6bf9c582518db9d
467996f832b426866ac703931f2d0c0b0ec2d7d099ce0ace5eaf24fe1b6d40b5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1a4f2c605f26bcf80a2cd8e5d48e887c2062a53cd1d993cb05250223e386a6
4fbafbff8042949827075c2bbb0b18df9a4f15582c1de42c204a5f9b5d3d5b87
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556115c220536b998090f70c07390467cbffaa278c7559f282bf0e59ec847585
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bc687b2a58d0145a7ab051dba9a1c8d64ff4bc048122726ed0960686e6d2e6
5786f36080159617f8c32ffb4343cb7d99ff62b2bf89033c131961460dbea7f8
593e9612054367224eea5e12ce8c87abed9d9b436501cc4201fea25d2dc7a365
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a9a77da5152f63f9aea052ca77c790d23881b0500af3e0857866faa3ebcb2c6
5e0b9a89afe3dd2614cafd6a2e3b7706d3e5de745b63f9f23943f144636ba091
5e806b3fac51d7b2385800138a607e25371e6681a4dc69a1d8d3c1365e5ac002
5e84552da3b262e6b9dc31b4477247fabcabc60258b35f37b5016524ac68f7b5
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6413cac069da0e1669802c0019821281440e276c252d46ecfa65b41c555742f8
6756a285ef9172275882dfbb3f4f44fab6b65def89bd99253931aa90b0cc03f0
698b75b34c376b73b97acf42f0ec14f3554b420e658c4fe98d87721e4b5f7d8a
6a9bc1773c75cbffd4bc0e281e8a51213cbd70b5273ce02582cbc330f400602b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce
6b44a23f958f60a8e28a17e0ae702cc89a3fd3d81d96dda5f6198762a234df59
6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
74a81037f2e748acf1b5bd10fbd4fc8d06429c175036f1357b46efa600fa8573
767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c
776822d281d0d7f93b0b7ac2fd5e7cdc4f0cfe13e1ae6dd2d1ec091ffc947366
7798308e27b83fa0b018b2e2e36f2f0cde548e158fb05e98b978de93fe3a8a81
7afbd34fd81f78a0d2822c9d8696deae8111189748b42f215e97d72b8d9711e1
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d
7cdd1ac485682bdbec3acd13ad2f7121dc33a37c8b1b9e295dccf11cab871a0a
7f3c6b58f7c57e2b2b1bb8e49260fe50e7366d3eadebc1414f53fb6c7854d9b2
85f98bbe7801acdcc2abc2fedbccd78dfb17a2ea1bcc7666b84b19e3fbffae58
8640916aba1207e4fcff9c894252543689989434cd9fc0dabd4cee60b3e763a5
869a72029a522dd22adb931f0510cbf8044b9f27c95cd3d41450cea0707ddba7
86e8ed098febe4691b72980ac9bb22f6370cd6fb7fd50f2fc3ca41f5a24c6ed7
8773eb198832002e4da0ff547d55965390ad80561efedde2e284c4b96fa5455c
88641804179ca6d14134f9c4ae904f672f24af374aee53e4026a2cc3bc722836
8ac972a09f7caaa1a2405c1ff7939e29b552d5f4f72c32886f32ce7df302344d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eb351d1e3d4a21d6b9a2eb37d67663ae36133446d077a70736352549e1caf8f
94c44ff30928aca0de57828e6c4e57a4b38a81ec69eb131952da7bd91133fcc6
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9584e01c9e0b3e5a9eab6e960eeda441896c6f0da4d40062a4925b9f63370738
96c19c2c5f0ca8019b256c51bcd14fa57d351aa31621b5bcc22e74f20b440ecd
99d2287c16562d07428c6d124092ef22641b17a710056952748685b7f9c510d0
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a33d6b4c228a135368fdef737a48d1a61cc86714b9ed3bdddb3e922e333a3764
a3b029951e626e7d3123a1f25886db28f5ea4f32d1e80491a3b8c8c51f13f5c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7c251a7bbe0a1eec80eb286d147f047bc072bf4e0b214de93350644353cf87e
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae
ad87e421b160d06bb4308e939089eb8cb495b1ef6bcb6aaa8ddc282033007f14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6d16eb993186a6c87efd46863d85ba59395d395b0f1199dc83e101345d0af63
b6d39e820d997f9d76ad33f0796e7ab3ce1cd6d34fb7533ffe1e4123020a468a
b749b811af45fd43246b551475d7d97369a3359cc2dc989b82a155f78671ad12
b7e7abd80685057cef3e9e61adc238859c60327aecb2e2988de81b5b4899b442
b7e7bcc8da113ca329f8422817955a7ba0aedc84152b28962e87c813a5fa2deb
b924179133a5a0c633a8a39dab244b421d633995ef21e5ac79ae0778873f97c9
bc16fd291c9404dea4228fdbe95fa02b712fb35e3c2c0ffcf9a6005de7371d01
bc2c3bc4253b185c7e94f5c88f0e723e6827c3426e3b38d8ba46deeb4a83375b
c19d723c5ff7387f5246c144c11cff050cd9dd2f9eab1bdc6fedf59abbf1a406
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c33c60d014227b42c513820e6d750cced736cda305beb7d6a20e35afe502648c
c5463d3a29d399e8e241f6d377b12dfc3b94da27a91319408a2ffb26e9619dfe
c90b93aefe3e302d14ecadafe3f8aa45b5f90db60d0d763d05650d205f518200
ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7
ce0521f284da500d2370fa55cb67572b396580e84c0a5a5c3a9513c1928ee665
cf18a23ebad9a8f687c4aa51b2911f7aaaad37ecf9b30582416bb11cc35cc7ed
cf3b2803b89ea7487c5d3d0104c7ff4edb35d12fd865fb98f83b1502d01437fa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d37c7ee32af1f07dbf22ab0a2e4c53707def7054bb4985ea89ca67db673106d8
d3a8124577caaaa498704b5844d43e6eb9ca3310d7247fc4c67d21eeec7ee7f4
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
deb8e659e4468305cfdc5f388ae740ee96c5177f5b2ed866dc0bdf94b2d694f4
dfad6d1cecf7337dcd922f1fab22a655d9e28aedddebb6d8ef5c07c8c277009b
e30565d344697a80f05882c11755c6d6a71626791bbc124df343b5edc7901312
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6d1acc43378dff625c02b13b7c50fe30f6b11107795c794939c145f300264dd
e7ed634b4a0338b5830e7f7ef9a8e0203d67a4bf29b0f84f804e8e109c49e669
eb9373e8759934d7c7979814271bd17d1f6578a0e26f322e1645a571bfba59e0
ec0295731deaba2b5676eea7961d5eacccd1183d74d6cb0bfef234533394e814
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eee4b740fa1ca55446b70cfbdc4ce54b00362f9ccd61c3db2c5f6fe432c340ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f14fa1d73924280a47b4eea60c76bc64b80718f914c92c88386a380e60b492b5
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3c275c2ca612847cc260ed5b7d0374b04980aae469d13d21d56a2f12935915e
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f57b6108982216411ab9034939c86440a3b5c53659300e07f1f7911e2d0ef2ef
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f960100f65d6f29382608b2fc5a8bdb0eacddb10b8aa39e36f70fe98f15d35bd
fab79de6cfef98582441e4add50be4bffc0e4535e25ece25c8abdd249934ecb6
fc36d166fe50568c25465a70f43155b620c9088ba6b79e3312edda1ff5f88576
fc9c14ba67baab831cbb7cf116c4139fa310a75d5bd61c2f159e51aa8147a158
fd421736bace3389bc9d8583b654ca52b894f02f7242442559f1799626887128
fe73f1fd4b06562be19aaeccf8ffeb47aa50dbc383d2e7e0a103ece055aea89c

www.geelongadvertiser.com.au Open in urlscan Pro 23.199.76.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

288 Requests

89 %HTTPS

0 %IPv6

44 Domains

86 Subdomains

69 IPs

8 Countries

4010 kBTransfer

11870 kBSize

81 Cookies

13 Outgoing links

Page URL History

Redirected requests

288 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geelongadvertiser.com.au Open in urlscan Pro
23.199.76.145 Public Scan

Screenshot
Live screenshot

Full Image

288
Requests

89 %
HTTPS

0 %
IPv6

44
Domains

86
Subdomains

69
IPs

8
Countries

4010 kB
Transfer

11870 kB
Size

81
Cookies

288 HTTP transactions
3 data transactions