urlscan.io logo urlscan.io
SecurityTrails logo

sitchu.com.au Open in urlscan Pro
13.107.226.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sgdbs6pn.r.eu-west-1.awstrack.me/L0/https:%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails%3Futm_campaign=sitc...
Effective URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=...
Submission: On January 28 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 9 countries across 72 domains to perform 362 HTTP transactions. The main IP is 13.107.226.40, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sitchu.com.au.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on November 19th 2023. Valid for: 6 months.
This is the only time sitchu.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.242.10.31 16509 (AMAZON-02)
56 13.107.226.40 8075 (MICROSOFT...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:800... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2600:1408:540... 20940 (AKAMAI-ASN1)
42 2607:f8b0:400... 15169 (GOOGLE)
1 23.0.25.37 16625 (AKAMAI-AS)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 23.196.74.139 16625 (AKAMAI-AS)
1 151.139.128.10 20446 (STACKPATH...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
3 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42::485 54113 (FASTLY)
2 9 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 54.192.51.120 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 151.101.128.84 54113 (FASTLY)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 44.218.235.8 14618 (AMAZON-AES)
1 13.225.195.128 16509 (AMAZON-02)
3 4 104.18.36.155 13335 (CLOUDFLAR...)
4 8 68.67.181.211 29990 (ASN-APPNEX)
1 35.186.253.211 15169 (GOOGLE)
1 2602:803:c002... 26667 (RUBICONPR...)
1 2620:100:a001... 19750 (AS-CRITEO)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 13.225.195.69 16509 (AMAZON-02)
1 7 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
3 104.87.85.54 16625 (AKAMAI-AS)
22 2607:f8b0:400... 15169 (GOOGLE)
26 2607:f8b0:400... 15169 (GOOGLE)
2 184.84.137.62 16625 (AKAMAI-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
10 48 142.251.163.154 15169 (GOOGLE)
2 172.64.151.101 13335 (CLOUDFLAR...)
3 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 74.119.119.150 19750 (AS-CRITEO)
2 2 54.156.106.93 14618 (AMAZON-AES)
1 1 18.208.74.217 14618 (AMAZON-AES)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
2 3 54.157.238.89 14618 (AMAZON-AES)
4 4 20.127.253.7 8075 (MICROSOFT...)
4 6 162.19.138.82 16276 (OVH)
3 8 34.98.64.218 396982 (GOOGLE-CL...)
1 2 23.50.125.47 16625 (AKAMAI-AS)
2 3 2600:1f18:4e9... 14618 (AMAZON-AES)
3 202.233.84.1 131957 (MICROAD M...)
2 3 51.222.239.232 16276 (OVH)
4 4 52.223.22.214 16509 (AMAZON-02)
2 2 35.207.24.140 15169 (GOOGLE)
1 1 35.214.167.88 15169 (GOOGLE)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 3 50.31.142.95 23352 (SERVERCEN...)
1 1 173.223.163.208 20940 (AKAMAI-ASN1)
1 18.235.96.255 14618 (AMAZON-AES)
2 2 185.167.164.39 198622 (ADFORM)
2 2 8.28.7.81 62713 (AS-PUBMATIC)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 2600:1f18:612... 14618 (AMAZON-AES)
2 3.215.237.92 14618 (AMAZON-AES)
2 172.253.115.155 15169 (GOOGLE)
4 13.32.151.24 16509 (AMAZON-02)
1 6 172.253.62.148 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 172.253.63.155 15169 (GOOGLE)
1 1 159.203.145.121 14061 (DIGITALOC...)
1 35.205.207.25 396982 (GOOGLE-CL...)
4 34.247.179.217 16509 (AMAZON-02)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 74.119.119.139 ()
1 18.211.142.103 14618 (AMAZON-AES)
1 54.210.6.32 14618 (AMAZON-AES)
3 4 15.197.193.217 16509 (AMAZON-02)
1 172.64.149.180 13335 (CLOUDFLAR...)
2 23.50.125.215 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
2 2 151.101.2.49 54113 (FASTLY)
2 5 52.46.128.147 16509 (AMAZON-02)
1 162.19.138.83 ()
4 5 8.43.72.97 ()
7 12 8.43.72.98 ()
1 67.220.226.233 ()
2 2 52.87.109.38 ()
1 1 54.152.50.166 ()
1 2 104.18.41.104 ()
1 147.75.198.144 ()
362 84
1    34.242.10.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-10-31.eu-west-1.compute.amazonaws.com
sgdbs6pn.r.eu-west-1.awstrack.me
56    13.107.226.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sitchu.com.au
2    2606:4700:3034::ac43:d4ac (United States)

ASN13335 (CLOUDFLARENET, US)
applets.ebxcdn.com
1    2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2600:1408:5400:392::1931 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
s.pinimg.com
42    2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    23.0.25.37 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-25-37.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
6    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)
pubfeed.linkby.com
1    23.196.74.139 (Sterling, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-74-139.deploy.static.akamaitechnologies.com
s7.addthis.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
2    2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
2    2606:4700:20::ac43:4b21 (United States)

ASN13335 (CLOUDFLARENET, US)
pubfeed-edge.linkby.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
9    2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4004:c1b::64 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    54.192.51.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-120.yul62.r.cloudfront.net
static.hotjar.com
1    2600:9000:2191:3200:13:c079:7880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.oribi.io
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c09::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4004:c0b::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.ca
4    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
log.pinterest.com
1    2600:1f18:730:b110:7999:6675:b6e4:df3f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    44.218.235.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-235-8.compute-1.amazonaws.com
rp4.liadm.com
1    13.225.195.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-128.yul62.r.cloudfront.net
script.hotjar.com
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
8    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
10    2607:f8b0:4004:c06::71 (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.225.195.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-69.yul62.r.cloudfront.net
vc.hotjar.io
7    2607:f8b0:4004:c06::69 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
6    2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
3    104.87.85.54 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-85-54.deploy.static.akamaitechnologies.com
a.teads.tv
22    2607:f8b0:4004:c06::94 (Washington, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
26    2607:f8b0:4004:c06::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    184.84.137.62 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-84-137-62.deploy.static.akamaitechnologies.com
t.teads.tv
2    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
48    142.251.163.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
cm.g.doubleclick.net
2    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    54.156.106.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-106-93.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    18.208.74.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-74-217.compute-1.amazonaws.com
ads.yieldmo.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
3    54.157.238.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-238-89.compute-1.amazonaws.com
match.sharethrough.com
4    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
6    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
interplaymedia-d.openx.net
2    23.50.125.47 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-47.deploy.static.akamaitechnologies.com
sync.teads.tv
3    2600:1f18:4e9:5a02:e9de:ec19:65e0:9ea1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
3    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
4    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    35.214.167.88 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 88.167.214.35.bc.googleusercontent.com
csync.loopme.me
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    50.31.142.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    173.223.163.208 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-223-163-208.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    18.235.96.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-96-255.compute-1.amazonaws.com
rtb.adentifi.com
2    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtrace.mediago.io
1    2600:1f18:612b:4280:c452:8a8b:24f9:dc81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
2    3.215.237.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-237-92.compute-1.amazonaws.com
prebid-a.rubiconproject.com
2    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
googleads4.g.doubleclick.net
4    13.32.151.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-24.iad66.r.cloudfront.net
bucket.cdnwebcloud.com
6    172.253.62.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f148.1e100.net
ad.doubleclick.net
4    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
www.googleadservices.com
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
1    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
4    34.247.179.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-179-217.eu-west-1.compute.amazonaws.com
neural40.cdnwebcloud.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    74.119.119.139 (None, )

ASN- ()
mug.criteo.com
1    18.211.142.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-142-103.compute-1.amazonaws.com
id.crwdcntrl.net
1    54.210.6.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-6-32.compute-1.amazonaws.com
idx.liadm.com
4    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    23.50.125.215 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-125-215.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    162.19.138.83 (None, )

ASN- ()
lb.eu-1-id5-sync.com
5    8.43.72.97 (None, )

ASN- ()
token.rubiconproject.com
12    8.43.72.98 (None, )

ASN- ()
pixel.rubiconproject.com
1    67.220.226.233 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    52.87.109.38 (None, )

ASN- ()
match.prod.bidr.io
1    54.152.50.166 (None, )

ASN- ()
sync.ipredictive.com
2    104.18.41.104 (None, )

ASN- ()
capi.connatix.com
1    147.75.198.144 (None, )

ASN- ()
prebid.a-mo.net
Apex Domain
Subdomains		 Transfer
75 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
ad.doubleclick.net — Cisco Umbrella Rank: 163
334 KB
74 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
726 KB
56 sitchu.com.au
sitchu.com.au
4 MB
23 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2076
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2989
eus.rubiconproject.com — Cisco Umbrella Rank: 579
token.rubiconproject.com
pixel.rubiconproject.com
188 KB
22 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
4 MB
18 google.com
analytics.google.com — Cisco Umbrella Rank: 154
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
72 KB
9 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
us-u.openx.net — Cisco Umbrella Rank: 524
interplaymedia-d.openx.net
2 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
acdn.adnxs.com — Cisco Umbrella Rank: 598
26 KB
8 cdnwebcloud.com
bucket.cdnwebcloud.com — Cisco Umbrella Rank: 22466
neural40.cdnwebcloud.com — Cisco Umbrella Rank: 28905
17 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1434
t.teads.tv — Cisco Umbrella Rank: 3052
sync.teads.tv — Cisco Umbrella Rank: 1376
136 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 4213
r.skimresources.com — Cisco Umbrella Rank: 4122
t.skimresources.com — Cisco Umbrella Rank: 4334
p.skimresources.com — Cisco Umbrella Rank: 5271
20 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com
4 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
7 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
111 KB
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.criteo.com — Cisco Umbrella Rank: 608
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com
2 KB
6 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
4 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
354 KB
6 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 3530
ct.pinterest.com — Cisco Umbrella Rank: 871
log.pinterest.com — Cisco Umbrella Rank: 4732
20 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
2 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
2 KB
4 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1482
3 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
2 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
970 B
3 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 11949
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
2 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
985 B
3 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1497
rp4.liadm.com — Cisco Umbrella Rank: 7027
idx.liadm.com — Cisco Umbrella Rank: 2032
1 KB
3 linkby.com
pubfeed.linkby.com — Cisco Umbrella Rank: 65599
pubfeed-edge.linkby.com — Cisco Umbrella Rank: 63003
5 KB
2 connatix.com
capi.connatix.com
522 B
2 bidr.io
match.prod.bidr.io
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
617 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 805
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
1 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 7618
962 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9185
515 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 681
script.hotjar.com — Cisco Umbrella Rank: 996
59 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
70 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 869
21 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
176 KB
2 ebxcdn.com
applets.ebxcdn.com — Cisco Umbrella Rank: 10292
3 KB
1 a-mo.net
prebid.a-mo.net
450 B
1 ipredictive.com
sync.ipredictive.com
493 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
273 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
2 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2323
824 B
1 avads.net
ads.avads.net — Cisco Umbrella Rank: 34243
80 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 4928
464 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1311
175 B
1 mediago.io
gtrace.mediago.io — Cisco Umbrella Rank: 3342
466 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
35 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2898
1010 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1872
173 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
31 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
409 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 5589
485 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 651
598 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2633
257 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 oribi.io
cdn.oribi.io — Cisco Umbrella Rank: 28020
609 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
1 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3470
359 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
7 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1365
615 B
1 awstrack.me
sgdbs6pn.r.eu-west-1.awstrack.me
284 B
0 yahoo.net Failed
hb.yahoo.net Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
362 72
Domain Requested by
56 sitchu.com.au sitchu.com.au
48 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
sitchu.com.au
interplaymedia-d.openx.net
42 pagead2.googlesyndication.com sitchu.com.au
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
26 tpc.googlesyndication.com sitchu.com.au
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
22 s0.2mdn.net sitchu.com.au
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
s0.2mdn.net
12 pixel.rubiconproject.com 7 redirects
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 securepubads.g.doubleclick.net 2 redirects www.googletagservices.com
securepubads.g.doubleclick.net
sitchu.com.au
pagead2.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
7 us-u.openx.net 3 redirects googleads.g.doubleclick.net
interplaymedia-d.openx.net
7 www.google.com 1 redirects sitchu.com.au
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 ad.doubleclick.net 1 redirects sitchu.com.au
6 id5-sync.com 4 redirects ads.rubiconproject.com
6 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 ib.adnxs.com 2 redirects ads.rubiconproject.com
googleads.g.doubleclick.net
acdn.adnxs.com
6 www.googletagservices.com sitchu.com.au
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 s.amazon-adsystem.com 2 redirects interplaymedia-d.openx.net
4 match.adsrvr.org 3 redirects ads.rubiconproject.com
4 neural40.cdnwebcloud.com 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
4 www.googleadservices.com sitchu.com.au
4 fonts.gstatic.com fonts.googleapis.com
4 bucket.cdnwebcloud.com s0.2mdn.net
bucket.cdnwebcloud.com
4 eb2.3lift.com 4 redirects
4 sync.inmobi.com 4 redirects
4 px.ads.linkedin.com 3 redirects
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
3 b1sync.zemanta.com 3 redirects
3 onetag-sys.com 2 redirects sitchu.com.au
3 aid.send.microad.jp 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
3 pr-bh.ybp.yahoo.com 2 redirects interplaymedia-d.openx.net
3 match.sharethrough.com 2 redirects
3 a.teads.tv securepubads.g.doubleclick.net
a.teads.tv
3 ct.pinterest.com s.pinimg.com
sitchu.com.au
3 t.skimresources.com sitchu.com.au
s.skimresources.com
2 capi.connatix.com 1 redirects
2 match.prod.bidr.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 eus.rubiconproject.com ads.rubiconproject.com
eus.rubiconproject.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 secure.adnxs.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 c1.adform.net 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 rtb2-useast.e-volution.ai 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 www.gstatic.com 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
2 fonts.googleapis.com 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
2 t.teads.tv sitchu.com.au
2 www.google.ca sitchu.com.au
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net sitchu.com.au
connect.facebook.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pubfeed-edge.linkby.com pubfeed.linkby.com
2 p.skimresources.com sitchu.com.au
2 www.googletagmanager.com sitchu.com.au
www.googletagmanager.com
2 assets.pinterest.com sitchu.com.au
assets.pinterest.com
2 applets.ebxcdn.com sitchu.com.au
applets.ebxcdn.com
1 prebid.a-mo.net
1 sync.ipredictive.com 1 redirects
1 aax-eu.amazon-adsystem.com
1 lb.eu-1-id5-sync.com ads.rubiconproject.com
1 interplaymedia-d.openx.net ads.rubiconproject.com
1 acdn.adnxs.com ads.rubiconproject.com
1 js-sec.indexww.com ads.rubiconproject.com
1 idx.liadm.com ads.rubiconproject.com
1 id.crwdcntrl.net ads.rubiconproject.com
1 ads.avads.net 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
1 cs.chocolateplatform.com 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 gtrace.mediago.io 1 redirects
1 rtb.adentifi.com 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
1 analytics.pangle-ads.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 tr.blismedia.com 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
1 static.criteo.net ads.rubiconproject.com
1 csync.loopme.me 1 redirects
1 dsp.adkernel.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 dis.criteo.com 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
1 log.pinterest.com sitchu.com.au
1 vc.hotjar.io script.hotjar.com
1 www.facebook.com sitchu.com.au
1 bidder.criteo.com ads.rubiconproject.com
1 fastlane.rubiconproject.com ads.rubiconproject.com
1 rtb.openx.net ads.rubiconproject.com
1 htlb.casalemedia.com ads.rubiconproject.com
1 script.hotjar.com static.hotjar.com
1 rp4.liadm.com sitchu.com.au
1 rp.liadm.com 1 redirects
1 analytics.google.com www.googletagmanager.com
1 cdn.oribi.io sitchu.com.au
1 static.hotjar.com sitchu.com.au
1 cdn.jsdelivr.net ads.rubiconproject.com
1 r.skimresources.com s.skimresources.com
1 s.skimresources.com sitchu.com.au
1 s7.addthis.com sitchu.com.au
1 pubfeed.linkby.com sitchu.com.au
1 ads.rubiconproject.com sitchu.com.au
1 cdnjs.cloudflare.com sitchu.com.au
1 polyfill.io sitchu.com.au
1 sgdbs6pn.r.eu-west-1.awstrack.me 1 redirects
0 hb.yahoo.net Failed
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
362 109
Subject Issuer Validity Valid
sitchu.com.au
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-11-19 -
2024-05-19		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-23 -
2024-03-21		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2024-01-11 -
2024-02-10		 a month crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
linkby.com
E1		 2024-01-15 -
2024-04-14		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-09 -
2024-12-11		 a year crt.sh
*.skimresources.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-11-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-06 -
2024-02-04		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
oribi.io
Amazon RSA 2048 M01		 2023-04-19 -
2024-05-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2023-10-03 -
2024-11-03		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.cdnwebcloud.com
Amazon RSA 2048 M03		 2023-08-23 -
2024-09-21		 a year crt.sh
*.avads.net
Go Daddy Secure Certificate Authority - G2		 2024-01-15 -
2025-02-15		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh

This page contains 36 frames:

Primary Page: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Frame ID: 7557FA10E155201EC7014311C82A73D3
Requests: 137 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.7765183482546858
Frame ID: E61A272527BF11F4DEA4E04CCC8E3080
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 1D89715E962DD6F213D4BD5E09BE6098
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355958662230762&output=html&adk=1812271804&adf=3025194257&lmt=1706433067&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706433067619&bpp=5&bdt=1301&idt=298&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4986291933516&frm=20&pv=2&ga_vid=1049417713.1706433068&ga_sid=1706433068&ga_hid=744596437&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C44795921%2C31080696%2C95320377%2C95320868%2C95320894%2C95321627%2C95322163%2C95323007&oid=2&pvsid=2822745632650962&tmod=207921342&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=328
Frame ID: A9D4393F9B04885D113DA59526FAB7E8
Requests: 1 HTTP requests in this frame

Frame: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 05690E58AE2D4D4CF41D89AA807D42D0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfHsgPFRVlJjff5Co7rWUrRgg0wkYtdVw5dPottOlyWm4YkDiSkQAfWyyKfUHFgtPzmFX-Ua9GHB5b15v6IOfZMc8-w_Q9OGe5c5NsYVgTVV5u-G0F-NiqmsDy8S9tit4f-91o1RUuQR5Nxa2l7sMMao7SR-vjFrEXAJmjGOA4uX97tv8abGs4FjO6Gbd7_ZQu9GMiDo8hQXIbciuxY6ESSWp5V2Mp3CSsAWni_cRh1vzGwzA4UZX9eHTn8VEHuh43aA0kW-UFSplIwZNKxAAQQAwzGScTGnHpgMw_dX7JW1Vp0U6mjPI0Z7pwvMBUORuLL7P4pieJnjTHr4soFcE&sai=AMfl-YSUt438SZ4zcr847hKkfNBoeV_USkGc1QSTWM_9d7olHai1mtzTFLzvXCbt7ycu7yd96Hko7goJv2F3o8Bxa8srH90_A4YyDAXRhD-HvMmcsba5B6YSaBZE7iqPKJM&sig=Cg0ArKJSzJUCIUu_NmBjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 7827A06E410BCB5655A4B27D508FDA6B
Requests: 6 HTTP requests in this frame

Frame: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1761A589CC798453B1C11A7EF591CD85
Requests: 18 HTTP requests in this frame

Frame: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A94B9D2BF3F3712620E172E1427BDEEE
Requests: 18 HTTP requests in this frame

Frame: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 78727C738C1C19271BCDE64BEEE5915C
Requests: 16 HTTP requests in this frame

Frame: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 207D74DB851C34E9B523A53AEF760CCE
Requests: 14 HTTP requests in this frame

Frame: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 96CF5659CEDCFBF4CEB83AA5352484C4
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEYlL3qwgEwAQ&v=APEucNVp4-xSfVaSZfv6Be1CTX5HE05QGjHWo17e1YHn556yiFWRN0Xmpfmmr9Q6qim4Dez1qWhBU8m0CyMY0Ew_C0SgTAmzBR1QmcLFFuUYTY-dQ6k-zkg
Frame ID: 69F589A2A28AB020B4F4C577A9DBEAFD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20CE8359D7D09E5F830DC386F316F5DB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEY5b3qwgEwAQ&v=APEucNXKtKx_Bxp54Cs_xd-imlTNFtA3yn8_f2KRIxRkFqHKUK-5pmawmhDu3iGruMDI0RSVcRNlIsBJhTH4LvERDvC8pvTJ4tVc2zw3WdDgiIr33nHUxxs
Frame ID: 1B5B68DECA944567A86D6A88EBF992C2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 43181F3228888E45511022C702C8929E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F62875F588DE310D990FCF3A2036D652
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 45BB177D397D5A7347CC6F46455772F1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 35F2B555E4FC5B6369B253AA114C4B45
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYjNiktgEwAQ&v=APEucNVRzsQySvC6F0KvOaPjkanu7XKInoG-0KneqU_HuooRCEw_CV7gp3eynUBTCGsl321KDK3l9H5mCsE6cccsGYKGKnzCzv90vt6FkcGhKm7Nv06WHcY
Frame ID: 5737F05AFDB2E9B99BECC6C0B4BCCF79
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C02DA8E3880C1DA3277E2E419AA91D6F
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
Frame ID: 7B0BDD39630E173C5483CD82FDDBBA92
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
Frame ID: F57A07AD2657F4A4A54D0F0FCD9713BB
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 09E4C7F7390A641DAC039F787E270E19
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2DC0D186A97BBE59E3186FB9CF9A8956
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A1A41630641E5C008ADEAFBDBCA3B3EE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: D2793C7216E72B6BE404E5D4FC566703
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 6289C0BE793AF787C85382843418DA73
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 945077EBCBE601D2B08F513B4F4971A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 4C8A783009FEFCA89622CBE0D062FAB1
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 837742683136CEC3B37322D270545385
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 06110EF499B6B27A32BDD6B9E7D215B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2F3F31F9B28A308CB37736142DF21C8
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F9096E814A4D3AC490ABB364183E3C39
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EFDEE226151756783463E18F6CDA15B6
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1AE6DF74FED5BBCE9EB9DF72F1694361
Requests: 2 HTTP requests in this frame

Frame: https://interplaymedia-d.openx.net/w/1.0/pd
Frame ID: 49795A1B59EB9283F9D8F497C54F627B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Best Australian Pre-Mixed & Canned Cocktails to Sip on Over Summer

Page URL History Show full URLs

  1. https://sgdbs6pn.r.eu-west-1.awstrack.me/L0/https:%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails... HTTP 302
    https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-ne... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • cdn\.oribi\.io
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

362
Requests

82 %
HTTPS

35 %
IPv6

72
Domains

109
Subdomains

84
IPs

9
Countries

10616 kB
Transfer

17809 kB
Size

92
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sgdbs6pn.r.eu-west-1.awstrack.me/L0/https:%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails%3Futm_campaign=sitchu-melbourne-newsletter%26utm_medium=email%26utm_edition=202311010600%26utm_source=newsletter/2/0102018b8fdaa969-60a2b578-1fba-48d5-9d1f-c689ca304f55-000000/SpQqsHce7n1rqCQoZ6ZFVwc3uco=346 HTTP 302
    https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://rp.liadm.com/j?dtstmp=1706433068082&se=e30&duid=8dc65b4b215e--01hn7ncehvqw16mxe610gp83hw&pu=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&wpn=prebid HTTP 302
  • https://rp4.liadm.com/j?se=e30&duid=8dc65b4b215e--01hn7ncehvqw16mxe610gp83hw&dtstmp=1706433068082&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjo0
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtoxf3Ex02jk5qvx820PdI&google_cver=1&gdpr=0
Request Chain 168
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbYaLh13AuqwcNNuFe-BUgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtoxf3Ex02jk5qvx820PdI&google_cver=1
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBKxvqg6LsRmIAN2mvGOl7g&google_cver=1
Request Chain 170
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D
Request Chain 192
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFhI3aUwOVJZhhNECOOYMS0&google_cver=1&google_push=AXcoOmQ_w4znCD4Rbfta9KDoRQgSG2aDCZbZDVihowqIym73m4RVC6haCev3OzCm142wqBaXwrVtqU5ZdpCzCV-b-edYXSzs8VW5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ_w4znCD4Rbfta9KDoRQgSG2aDCZbZDVihowqIym73m4RVC6haCev3OzCm142wqBaXwrVtqU5ZdpCzCV-b-edYXSzs8VW5
Request Chain 194
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE_o9Q6xMOUqtN76cZNo2Og&google_cver=1&google_push=AXcoOmSj1Of1MyZrLoe6q3QsQ4nAmsRsC5x9u_bBZ_PH8LVBHKZlp20VA3J9sHuJ_1jf63DxnT5toGiQuy_-a-4etG14I9YoWapS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=eWKhpx5YUWtHALyFbQLb_aYAzQQ&google_push=AXcoOmSj1Of1MyZrLoe6q3QsQ4nAmsRsC5x9u_bBZ_PH8LVBHKZlp20VA3J9sHuJ_1jf63DxnT5toGiQuy_-a-4etG14I9YoWapS
Request Chain 195
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMiJv2xIjGXnBWHEAhC6meQ&google_cver=1&google_push=AXcoOmT4yQyW69E9pwQjvi5ZU3FinzLr2DSrc_NSrUGGoshJogJ-oAGjxCC7uQVsDFkCdVpXXQ8iPnXHX2X9yRP9JuSJBsN38hBu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT4yQyW69E9pwQjvi5ZU3FinzLr2DSrc_NSrUGGoshJogJ-oAGjxCC7uQVsDFkCdVpXXQ8iPnXHX2X9yRP9JuSJBsN38hBu&google_hm=VkVBUG9ISGJiUEhsUURXSThha1o=
Request Chain 196
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEBf_Fr0Gg6KyPZRBBDvAPIk&google_cver=1&google_push=AXcoOmSgT8VGOTnUVb6ylqXcskd7x6JRBWNaEixbH1Yz7iTDUPYw3m7x9LBuwIXAFu_nI5Q8_FKEbVcBBt_HLXfD5Nm2204PGbId_g HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEBf_Fr0Gg6KyPZRBBDvAPIk%26google_cver%3D1%26google_push%3DAXcoOmSgT8VGOTnUVb6ylqXcskd7x6JRBWNaEixbH1Yz7iTDUPYw3m7x9LBuwIXAFu_nI5Q8_FKEbVcBBt_HLXfD5Nm2204PGbId_g HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A376228467116696185&exchange=193&google_gid=CAESEBf_Fr0Gg6KyPZRBBDvAPIk&google_cver=1&google_push=AXcoOmSgT8VGOTnUVb6ylqXcskd7x6JRBWNaEixbH1Yz7iTDUPYw3m7x9LBuwIXAFu_nI5Q8_FKEbVcBBt_HLXfD5Nm2204PGbId_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTM3NjIyODQ2NzExNjY5NjE4NQ&google_push=AXcoOmSgT8VGOTnUVb6ylqXcskd7x6JRBWNaEixbH1Yz7iTDUPYw3m7x9LBuwIXAFu_nI5Q8_FKEbVcBBt_HLXfD5Nm2204PGbId_g
Request Chain 197
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHswq4xdvw0b3bDZSwLmGMw&google_cver=1&google_push=AXcoOmTwVtsyLbyaAtZSRVx1n0IS9xx9WeIW142fD--6N2i6CKKb-VE-hrm8PaG_XLnsD5uxcdaIoQHu4Uj16kq7BgbQkOqB5lFicg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBkMjRmOGMtYmU1MC00YjNkLTk4MGQtNDY5YTUwZjE3Zjc0&google_push=AXcoOmTwVtsyLbyaAtZSRVx1n0IS9xx9WeIW142fD--6N2i6CKKb-VE-hrm8PaG_XLnsD5uxcdaIoQHu4Uj16kq7BgbQkOqB5lFicg
Request Chain 198
  • https://sync.inmobi.com/gob?google_gid=CAESEGu8m2QCuIT9vXNB8yiFKsE&google_cver=1&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-8c9ahX9ulB_qsWdj_9LprcNZKG8VrF4IITKQ8DvuQg&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=RZ8k_Rt93xgwVMSCTsmN&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw&google_nid=inmobi_new_eb
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1&gdpr=0
Request Chain 201
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEwYWQwMDctM2JhYS0yOWZiLWRmOTItMmYwY2I0MGUwZWM4
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAFhrr4LS9uw5_J8H7MQEAI&google_cver=1&gdpr=0
Request Chain 203
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjE4M2NhZmQtZDVkNC00MjBmLTlhOTktOGNlYTY3ZjVmOWRh
Request Chain 204
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFhI3aUwOVJZhhNECOOYMS0&google_cver=1&google_push=AXcoOmQGz9Tk1UIXw1Ywgct1jHxGjLDgnRn3Zk8Z11nDUU3E8w2v_B6cHduQLULBxR9lxgAn_mnYwBdUPPNOBNJy1n6M-lW9o0h9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQGz9Tk1UIXw1Ywgct1jHxGjLDgnRn3Zk8Z11nDUU3E8w2v_B6cHduQLULBxR9lxgAn_mnYwBdUPPNOBNJy1n6M-lW9o0h9
Request Chain 205
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGbO6a7-SHGzkBkQvrDhb90&google_cver=1&google_push=AXcoOmQgnExGI6-SEt42eZaIcyxKjQjLh90mHhi6pBgDwnGSewl6GAYROiGImFttKdKymIMVjn24PrA1-wtOGeLAdgREuBKg6-O4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQgnExGI6-SEt42eZaIcyxKjQjLh90mHhi6pBgDwnGSewl6GAYROiGImFttKdKymIMVjn24PrA1-wtOGeLAdgREuBKg6-O4&google_hm=eS1XV3NXb3dWRTJwSFpYX2hacURvQUpodUROeUw5SnJ2Tn5B
Request Chain 207
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAO6QG2UWVrn7yplaR_jMTo&google_cver=1&google_push=AXcoOmTU2zyog8O8X8SWJcSnvvZOaZymsT72fy7t9Piwwath0veB0KWAo6vIOU4nD4XL-XNA-kjAeP42OnXtpHLieREUxgZ4ObU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTU2zyog8O8X8SWJcSnvvZOaZymsT72fy7t9Piwwath0veB0KWAo6vIOU4nD4XL-XNA-kjAeP42OnXtpHLieREUxgZ4ObU
Request Chain 208
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOkg9R6Y8j3-Qcg4PXXSywI&google_cver=1&google_push=AXcoOmQz1Ey4AThsjnjHurX7BaLQx8s9z9avIoINo_i9uFBBsZ7-GWzJUnVeOG3LWVc6pz1G-ktcFb1gExUN2nUXBQhGSkG0Z1T5 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQz1Ey4AThsjnjHurX7BaLQx8s9z9avIoINo_i9uFBBsZ7-GWzJUnVeOG3LWVc6pz1G-ktcFb1gExUN2nUXBQhGSkG0Z1T5&google_gid=CAESEOkg9R6Y8j3-Qcg4PXXSywI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODMxNzY3OTY5NDUzNDQxMjg4MzUy&google_push=AXcoOmQz1Ey4AThsjnjHurX7BaLQx8s9z9avIoINo_i9uFBBsZ7-GWzJUnVeOG3LWVc6pz1G-ktcFb1gExUN2nUXBQhGSkG0Z1T5
Request Chain 209
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEMaGKzTBa_1EL4nU4Q1hkC8&google_cver=1&google_push=AXcoOmSGG93z40ExOX8oHwUlK9OTnAxgYU6sL4_IjoHS99x721eEKlSMw3vHDgL1QkKWJG_zuebkQNAKzgH9xvAmJTkB3zqrvx-J1w HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEMaGKzTBa_1EL4nU4Q1hkC8&google_cver=1&google_push=AXcoOmSGG93z40ExOX8oHwUlK9OTnAxgYU6sL4_IjoHS99x721eEKlSMw3vHDgL1QkKWJG_zuebkQNAKzgH9xvAmJTkB3zqrvx-J1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=bkViL1MdRYC0dFhLw6Wzaw==&no_redirect=1&google_push=AXcoOmSGG93z40ExOX8oHwUlK9OTnAxgYU6sL4_IjoHS99x721eEKlSMw3vHDgL1QkKWJG_zuebkQNAKzgH9xvAmJTkB3zqrvx-J1w
Request Chain 210
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEL-8PAaHWofOJuafuiwdvpc&google_cver=1&google_push=AXcoOmTeSOMOJlpzYrpW-Knu5vesUX4hS0bUPQ8ffRPF5iwmy1D4CeFWPaJHyU_8VmHfLUPVOzWWETeXItf-Hskoc0iZAkJHcFHdhA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ab95fcff-38e0-427e-baa4-4f6da99ecd63&google_cver=1&google_gid=CAESEL-8PAaHWofOJuafuiwdvpc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTeSOMOJlpzYrpW-Knu5vesUX4hS0bUPQ8ffRPF5iwmy1D4CeFWPaJHyU_8VmHfLUPVOzWWETeXItf-Hskoc0iZAkJHcFHdhA&gdpr=${GDPR}
Request Chain 215
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFjlGn4PhLuSB6WEKi9fFCU&google_cver=1&google_push=AXcoOmRx5VKQ0AMe01OAG7djn3KvIT26-XKpvpI4Gs4RmqDds2W8aETBUU6tK_OA_r_fmarPvPHVtpMRD4dRISi6JWNTtQHTX8V5 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFjlGn4PhLuSB6WEKi9fFCU&google_push=AXcoOmRx5VKQ0AMe01OAG7djn3KvIT26-XKpvpI4Gs4RmqDds2W8aETBUU6tK_OA_r_fmarPvPHVtpMRD4dRISi6JWNTtQHTX8V5&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRx5VKQ0AMe01OAG7djn3KvIT26-XKpvpI4Gs4RmqDds2W8aETBUU6tK_OA_r_fmarPvPHVtpMRD4dRISi6JWNTtQHTX8V5&google_hm=N21LdmgwMWV0X3o4N3pLRHFRbE8=
Request Chain 216
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE_o9Q6xMOUqtN76cZNo2Og&google_cver=1&google_push=AXcoOmRiBgd7yXqk5gScznFcfEe5KvEEWeXnPHs2dCJv2CJHq49REcy95wAF4y4zPh8hXYjckAjYImQDvFAOoAZuJonQlYr7OcuJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=eWKhpx5YUWtHALyFbQLb_aYAzQQ&google_push=AXcoOmRiBgd7yXqk5gScznFcfEe5KvEEWeXnPHs2dCJv2CJHq49REcy95wAF4y4zPh8hXYjckAjYImQDvFAOoAZuJonQlYr7OcuJ
Request Chain 217
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE1RPgHfDTHsMRmUo52-9ms&google_cver=1&google_push=AXcoOmRMdASnCBrO9PprV4tX5vLxmGmHCEEkjhIyAM1vgEfaCYCQ3HpHdD5xsrknzolWenLRgOPUeSkeIkqswKpYkxsepIa9sXuD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE1RPgHfDTHsMRmUo52-9ms&google_hm=ZbYaLh13AuqwcNNuFe_BUgAABV8AAAIB&google_nid=index&google_push=AXcoOmRMdASnCBrO9PprV4tX5vLxmGmHCEEkjhIyAM1vgEfaCYCQ3HpHdD5xsrknzolWenLRgOPUeSkeIkqswKpYkxsepIa9sXuD
Request Chain 218
  • https://sync.inmobi.com/gob?google_gid=CAESEGu8m2QCuIT9vXNB8yiFKsE&google_cver=1&google_push=AXcoOmTuRsQ2kPEcYEhoT_nda2CZgi4nFQ5dlYKNoZnsbiiIxKXg0GDrorx5mCB7Y2YjgrUvK1r1NyF7YLRqqVo6BSrzmPZxfLvglw HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTuRsQ2kPEcYEhoT_nda2CZgi4nFQ5dlYKNoZnsbiiIxKXg0GDrorx5mCB7Y2YjgrUvK1r1NyF7YLRqqVo6BSrzmPZxfLvglw HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-8c9ahX9ulB_qsWdj_9LprcNZKG8VrF4IITKQ8DvuQg&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=RZ8k_Rt93xgwVMSCTsmN&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw&google_nid=inmobi_new_eb
Request Chain 219
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKW7mrZPW8Ig4EyOsQ8FEm0&google_cver=1&google_push=AXcoOmRfMr9q-owOu4oGTSR6XUG6JjdEIwhPNVAGSFioQmP3FyWrXGfBAnPNURtQwdz_oRTKHyds2NqF-zx4mfbc5TSnI_4rISnw6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRfMr9q-owOu4oGTSR6XUG6JjdEIwhPNVAGSFioQmP3FyWrXGfBAnPNURtQwdz_oRTKHyds2NqF-zx4mfbc5TSnI_4rISnw6g
Request Chain 221
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 223
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEqPG-vdueGwEQZdjf4Ecy4&google_cver=1&google_push=AXcoOmS0OnKtbSrNVEB5enAJSr1lrAOGr92-q3ZCG_4V-dLGXJzhHh0qPmFOokHaeIRuB1H3k3Q0DRAmeVAU5y_MdTQ4MusDPDkj HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEqPG-vdueGwEQZdjf4Ecy4&google_cver=1&google_push=AXcoOmS0OnKtbSrNVEB5enAJSr1lrAOGr92-q3ZCG_4V-dLGXJzhHh0qPmFOokHaeIRuB1H3k3Q0DRAmeVAU5y_MdTQ4MusDPDkj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA2Njk1Mjc1Njk3MTY2ODk2NA&google_push=AXcoOmS0OnKtbSrNVEB5enAJSr1lrAOGr92-q3ZCG_4V-dLGXJzhHh0qPmFOokHaeIRuB1H3k3Q0DRAmeVAU5y_MdTQ4MusDPDkj
Request Chain 224
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIibG4pmD331_qlVv4dNX1I&google_cver=1&google_push=AXcoOmQzZz2Z1G2o4ynN5R7qad0Wd2zZw3zv6LRLzgFbU3O22S6Zu_GmjX7x4koNB8POmTgR9c8r_Jp5W0WzZgS62N-AkuUL1k2f HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIibG4pmD331_qlVv4dNX1I&google_cver=1&google_push=AXcoOmQzZz2Z1G2o4ynN5R7qad0Wd2zZw3zv6LRLzgFbU3O22S6Zu_GmjX7x4koNB8POmTgR9c8r_Jp5W0WzZgS62N-AkuUL1k2f&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=awNB1eBXSRGumyOt2aAP3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQzZz2Z1G2o4ynN5R7qad0Wd2zZw3zv6LRLzgFbU3O22S6Zu_GmjX7x4koNB8POmTgR9c8r_Jp5W0WzZgS62N-AkuUL1k2f
Request Chain 225
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOkg9R6Y8j3-Qcg4PXXSywI&google_cver=1&google_push=AXcoOmQ8WCyI8hFONOmb_cTFh0B7F8Yo5GWVuJNvNZAqN4ly_8yLHy8FwVVvJCD6XNhs7-TbITz8e5Q0-a3Fj8-jVDKcOdhIU_Y HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQ8WCyI8hFONOmb_cTFh0B7F8Yo5GWVuJNvNZAqN4ly_8yLHy8FwVVvJCD6XNhs7-TbITz8e5Q0-a3Fj8-jVDKcOdhIU_Y&google_gid=CAESEOkg9R6Y8j3-Qcg4PXXSywI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODMxNzY3OTY5NDUzNDQxMjg4MzUy&google_push=AXcoOmQ8WCyI8hFONOmb_cTFh0B7F8Yo5GWVuJNvNZAqN4ly_8yLHy8FwVVvJCD6XNhs7-TbITz8e5Q0-a3Fj8-jVDKcOdhIU_Y
Request Chain 226
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAO6QG2UWVrn7yplaR_jMTo&google_cver=1&google_push=AXcoOmRiRx_WAmWrXF5OaD1YyzraeUpNrCR3kVi0HfYKmSZcbVqPEy9PYzBwuoUI3HrvHlxhpecfpQPtN8Rcz2l-c4SASggcg2S9_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiRx_WAmWrXF5OaD1YyzraeUpNrCR3kVi0HfYKmSZcbVqPEy9PYzBwuoUI3HrvHlxhpecfpQPtN8Rcz2l-c4SASggcg2S9_A HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 227
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEKoLJENxlUL1SraGJyzXTsY&google_cver=1&google_push=AXcoOmTpmrlrUdBOGVOy7_1qZEwS_SgzRe1cd7z_T9o98gpcSdtGfgRoWSXM_pEHjJDKSKrn4DZbnrXyUcX_BCSZehZ-7VAv7AIb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTpmrlrUdBOGVOy7_1qZEwS_SgzRe1cd7z_T9o98gpcSdtGfgRoWSXM_pEHjJDKSKrn4DZbnrXyUcX_BCSZehZ-7VAv7AIb&google_hm=09dd4f7eecaa4ac72n3all00lrxa6w9q
Request Chain 228
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmTjt3gPFUIwUFwSgOxwgtH483Xq8fOE46sfVAs4TA2XuXqSDI1Zr4wVyyDS2_Hc7D0GkzAFIG-YMBG21rtqFnyuJqYUDXAD0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmTjt3gPFUIwUFwSgOxwgtH483Xq8fOE46sfVAs4TA2XuXqSDI1Zr4wVyyDS2_Hc7D0GkzAFIG-YMBG21rtqFnyuJqYUDXAD0g
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEIbfdLanjM-WnB029vhWVX4&google_cver=1&gdpr=0
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEAOXHlXXwbV6axTJzXYjuVU&google_cver=1
Request Chain 263
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CE4lWLRq2Zdv4EqGqwNYP04OPmAH4v4_xb5vnutmvEd_6taLbAhABIMPKnZoBYH2gAc_KxuMoyAEJqQJdTekvvg-mPuACAKgDAcgDywSqBKQCT9Ay6L5b7Uu6DqhkNJFVfbo5EBL1g6jjX1XlN0n_ZiUHsjGhLWkiMiZ87gqqZjM-h2ti0OaZn5wwhuNArsQpulsyK7DiXvzrUOJC0W13cMYgNjTNer4EI7TlfcZadWRO_ah-EFmE3rlBreWc0InsNhj2gmxggm-LSXIUnoq1jX-mZCuIPRSNUNmKzz1-_pzMnibmuCHMCxdmI57PvGU64lTPo9ANYcD5nUH5qS-qC9EKyzrerJtviyJeheKFeDTdhX6YxP9ZhqQej2-K522ojbEJfU288abXVqEc7P6Q_0twKS3TA5CGDpjIyAM0w4DazeEauKCG1O5VOJGAFSiyHsKnqP11QE7vMkyUQtzqFi606WGsl3MoOqQhlKvnjHbSLC6yGcAEgIjhtr0E4AQBiAW3vN7ISpIFBAgEGAGSBQQIBRgEoAYugAfPgpfDA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIytN9IIHwiAYRABGB0yAooCOgSAQIBASL39wTpYrJS1x97_gwOaCRZodHRwczovL291dGJhY2suY29tLmF1gAoDyAsBogwIKgYKBKy6sQLaDBEKCxCQ-r_74KLggaUBEgIBA-INEwjd4rXH3v-DAxUhFdAEHdPBAxO4E-QD2BMN0BUBmBYBgBcBshceChwIABIUcHViLTUzNTU5NTg2NjIyMzA3NjIYndltshgEEgKmUQ&sigh=iZZleCKAt88&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x25d2ea302bcf66670000000000000000%22,%222%22:%220xdf05d4b4e87c0c860000000000000000%22,%223%22:%220x43aa3f836c95d8cb0000000000000000%22,%224%22:%220x8ab72981e81ad2c0000000000000000%22,%225%22:%220xd117e652e8c427ba0000000000000000%22},%22debug_key%22:%223079420758063844295%22,%22debug_reporting%22:true,%22destination%22:%22https://outback.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210946192719%22],%2222%22:[%22true%22],%224%22:[%2201-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216672606508332256737%22}&andc=true
Request Chain 267
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct4K5LRq2Zd74EqGqwNYP04OPmAH2zszJdY3FverdEZyMspSPDBABIMPKnZoBYH2gAdL4y-IDyAEB4AIAqAMByAPLBKoEoQJP0OHWavws0VZ0PZzSDal0UQSkQ6FzdyOGx7bllBzebu7Dh5agTRe-ClG9LS4gBHxv-kGWQY7V07clvDKZ9YngHKR7t9tPkrDWE-3qqIyvlnNmymTD80uoJ9ufjkTk040yGvzM-SN2TCiCvDPAV-l9qgVjsV2FXg7ywoXoFf1U1wyylEFd19pkKXTk5w9FbRsbcBs-pMXiS_L7Fg3-N3zXcKwWdyLw_2XbEViMCKzL5JZlEBDdq5-2AdZzDHxGg9XNjUvQIaDVDiXjvnmTVpGzAS1-sFiJ77qncRhzHBlOjTFtLrvBoqFqDMhTmBcykML1NqjafcZdpQIkIoc4UVkkgVa6XBOFsRcn_E8nluy9yrIca-kPOtI20QkW4YgyoBfIwAT23v_olwLgBAGIBcCH97EHgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQiuoJ0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlislLXH3v-DA5oJKmh0dHBzOi8vd3d3LnNxdWFyZXNwYWNlLmNvbS93ZWJzaXRlLWRlc2lnboAKA8gLAaIMCCoGCgSsurEC2gwRCgsQsLrmh9zg8oz-ARICAQPiDRMI4OK1x97_gwMVIRXQBB3TwQMT2BMD0BUBgBcBshceChwIABIUcHViLTUzNTU5NTg2NjIyMzA3NjIYndltshgEEgLlWQ&sigh=KF0N376NWeI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd71e2e06a0a3bae40000000000000000%22,%222%22:%220x495f9081b59de4050000000000000000%22,%223%22:%220xe26fe75ed11a16e0000000000000000%22,%224%22:%220xcf13476ffee7f4a60000000000000000%22,%225%22:%220x2239317df4eac5e50000000000000000%22},%22debug_key%22:%22821361876680081040%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2201-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224241134925273962801%22}&andc=true
Request Chain 268
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375475082;dc_trk_aid=566519856;dc_trk_cid=198156616;ord=1573770332;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375475082;dc_pre=CLfMqcje_4MDFdcKaAgdqCEI-Q;dc_trk_aid=566519856;dc_trk_cid=198156616;ord=1573770332;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
Request Chain 271
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFhI3aUwOVJZhhNECOOYMS0&google_cver=1&google_push=AXcoOmSc1Q0Or3wW4E8PDLj6dTh6v2Q4_je1RRR8C5rhHsG19AlO5X7l7z9M-bXS3VFVkO5z0oONSaClF2HGIemTLbq3rXpSfyQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSc1Q0Or3wW4E8PDLj6dTh6v2Q4_je1RRR8C5rhHsG19AlO5X7l7z9M-bXS3VFVkO5z0oONSaClF2HGIemTLbq3rXpSfyQ
Request Chain 273
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFjlGn4PhLuSB6WEKi9fFCU&google_cver=1&google_push=AXcoOmTMg5SKQXrcA5uurhntwU2erN7Gck9tmYPsscbi613t-vzpw2yglTRDiZarrXfCJgkrg7Vm7DIgBGna6UQ_bXNh7vqouQI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTMg5SKQXrcA5uurhntwU2erN7Gck9tmYPsscbi613t-vzpw2yglTRDiZarrXfCJgkrg7Vm7DIgBGna6UQ_bXNh7vqouQI&google_hm=N21LdmgwMWV0X3o4N3pLRHFRbE8=
Request Chain 274
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESELyU65Fa_4iOvf5yicL_Mpo&google_cver=1&google_push=AXcoOmQUf-4Vy0X0A_ZTfSzD4Zo9WgKn5-vt2CvEmS4dStloCkFYd5XnveRmUn4zdMFnOBlvb_m7JMtnhTshIOLRQU-j85St9v8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmQUf-4Vy0X0A_ZTfSzD4Zo9WgKn5-vt2CvEmS4dStloCkFYd5XnveRmUn4zdMFnOBlvb_m7JMtnhTshIOLRQU-j85St9v8
Request Chain 275
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHswq4xdvw0b3bDZSwLmGMw&google_cver=1&google_push=AXcoOmTZNFmu3h0acwfkdjNff2ig37XXuX4HU3201tprZ_vmqNhqALzSiPc7FBaqLhI1wrchjcG8TKrSeNhOwDgSPDeqZZ_Oxp8y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBkMjRmOGMtYmU1MC00YjNkLTk4MGQtNDY5YTUwZjE3Zjc0&google_push=AXcoOmTZNFmu3h0acwfkdjNff2ig37XXuX4HU3201tprZ_vmqNhqALzSiPc7FBaqLhI1wrchjcG8TKrSeNhOwDgSPDeqZZ_Oxp8y
Request Chain 277
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmQuCgRbwJ4aVPA_WexgKZ3nlQyn4N869cuM0IMYvLjh_oAARO9bTmsKjNbrrBV5iVavz46L-dUpskxfPxm3j2AyjXogEvl_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmQuCgRbwJ4aVPA_WexgKZ3nlQyn4N869cuM0IMYvLjh_oAARO9bTmsKjNbrrBV5iVavz46L-dUpskxfPxm3j2AyjXogEvl_
Request Chain 332
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsitchu.com.au%2F&domain=sitchu.com.au&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=WRvvdHx3TDJRZFFQUHRtbWVPaUgzZERZcUNsUDQ3YVZQQ05YdGJ6REZhUjlmRURsejFrVUVjZFZDejZhUUUvRWY1VHhvRC9MQTRTaWVoUndFa3BOcmZWRC9meWZIUE1GQWFtZ1RpTDJrR2RWMmJBcUdsNi9WSHpMcTFkcWhnenBNSG9vdWJvM3JvT09HbWFsb1JDS1RObDZlM0FNcmFRdzZzOCthVUJ5bjVCYW5palY2ZkpJdzRGN2Z1SXZsdHJqR295SFU2OTIzeEtWd1BsSndiT0pZamNBdXNxWUltcHhIZndCM3RhdkRlOEJoTWp3ZzFpbVBmZEdwbHB3dC9KYlo5MUZxfA&cppv=2
Request Chain 341
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZbYaMgAArhmbHABK HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbYaMgAArhmbHABK&_test=ZbYaMgAArhmbHABK
Request Chain 343
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=f5b37fb0-ee77-cca5-0a7c-f72216df0b48 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=f5b37fb0-ee77-cca5-0a7c-f72216df0b48&dcc=t
Request Chain 344
  • https://match.adsrvr.org/track/cmf/openx?oxid=ad6503cd-f2dd-775f-ca72-75b57eecc0a8&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=ad6503cd-f2dd-775f-ca72-75b57eecc0a8&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=efadb6a8-8b68-4dc4-8bd3-eef906158ae5&ttd_puid=ad6503cd-f2dd-775f-ca72-75b57eecc0a8&gdpr=0&gdpr_consent=
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1
Request Chain 353
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRXA6UQ4-9-KPST&ex=d-rubiconproject.com&status=ok
Request Chain 354
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJhZTAyOGI5ODhiMTUzZjIwMGVkYWUzZjE5MDkyNTVjYjMzOTU1Nw
Request Chain 355
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CYcZpDRN5vGja2Q3i8FNLg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hboZj5E2oLaiMS3_sPMpjFBQC1z2j2wHAykFQ--~A
Request Chain 356
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=efadb6a8-8b68-4dc4-8bd3-eef906158ae5&gdpr=0&gdpr_consent=&expires=30
Request Chain 357
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJYQTZVUTQtOS1LUFNU HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBJ58ES-UW6bXzu0ipneTtA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJYQTZVUTQtOS1LUFNU&google_push=
Request Chain 358
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0VnVt8M5RvuheuiPiz9JtA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0VnVt8M5RvuheuiPiz9JtA
Request Chain 359
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRXA6UQ4-9-KPST
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBfGRbf4IqH9k_wyxoZ7wZI&google_cver=1
Request Chain 362
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAIjiE7LbDQAABPra2ljCA&expires=30
Request Chain 363
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ddc59d2c-8d6e-4ca2-8094-d2f86ebf157a&expires=30
Request Chain 364
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRXA6UQ4-9-KPST
Request Chain 365
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRXA6UQ4-9-KPST&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRXA6UQ4-9-KPST&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 366
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRXA6UQ4-9-KPST&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRXA6UQ4-9-KPST&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1acVBySlZORTJ1RnZXakhSdkpiZ3FhOXFWU3NvMng0UH5B&ovsid=LRXA6UQ4-9-KPST&dpid=58160
Request Chain 367
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRXA6UQ4-9-KPST
Request Chain 368
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRXA6UQ4-9-KPST

362 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request australian-pre-mixed-cocktails
sitchu.com.au/entertaining/
Redirect Chain
  • https://sgdbs6pn.r.eu-west-1.awstrack.me/L0/https:%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails%3Futm_campaign=sitchu-melbourne-newsletter%26utm_medium=email%26utm_edition=202...
  • https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
164 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b338fbf485bc1725762943bf71cdd9eddb360f2c3490aa8b8d927a4521df315
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=60
content-encoding
gzip
content-length
33541
content-type
text/html; charset=utf-8
date
Sun, 28 Jan 2024 09:11:06 GMT
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
strict-transport-security
max-age=10886400
vary
Accept-Encoding
x-azure-ref
0Jxq2ZQAAAABfICURSiJbRIzbNbTiXZIaWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-azure-ref-originshield
0Jxq2ZQAAAABCDbPNNYfjT4L1QhRYUVB3TU5aMjIxMDYwNjEyMDExADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_MISS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 28 Jan 2024 09:11:02 GMT
Location
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
ebx.js
applets.ebxcdn.com/ 		464 B
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://applets.ebxcdn.com/ebx.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d4ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:06 GMT
content-encoding
br
x-amzn-remapped-content-length
464
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1000
x-amzn-requestid
523e9a87-e3d4-4079-8d8c-c4ce7d8da6cc
x-amz-apigw-id
SPhqWGjhDoEEbTA=
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed Aug 30 13:25:09 GMT 2023
server
cloudflare
x-amzn-trace-id
Root=1-65b61641-0109a0f93f74d18c6a2a8acc;Sampled=0;lineage=7936cbcf:0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov8eOEp3gFaLPYUVKtgzhRM3mcZjc9dM5TLnKyULYTQtisL8ZBkuV6XvqBBsc2hfWitU8moKfWZttDpZFDlMDl5O7qfwx3VlzTcUVFcljR0yGXZNF9mOxgbqtTGuPnPGSu5JijEQlRYezgopi7C%2BxQo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
84c81b2bbbc839fb-YYZ
jquery-3.4.1.min.js
sitchu.com.au/public/lib/ 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/lib/jquery-3.4.1.min.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
x-azure-ref-originshield
0MRq0ZQAAAAA964K/N0QKQ55KWzJh0GAKTU5aMjIxMDYwNjExMDI1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
39419
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Sat, 13 May 2023 10:08:30 GMT
etag
"0e3f1dd8285d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
0Khq2ZQAAAACUsgOS5GQMT6h6P2H4Zxh2WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
polyfill.min.js
polyfill.io/v3/ 		104 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Array.prototype.find,Promise,Object.assign,Element.prototype.closest
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
age
0
detected-user-agent
Chrome/120.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.1/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.1/umd/popper.min.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
427237
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6689
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-52f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JXA2ainwwToVZ4zkBU%2FcPxvVpD2byohCkWpp2nthKkScV1%2FTxeb7qv4QUkiB0AKh%2Fm2qb31TUK8XRRXoMBN6IG0NEh%2FIQqtR%2FpgECDPI1t6EuQ2cpUU1QyZrSm7v4rW9ztGLcdqNlPzuOtIF0dAE2NP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84c81b2b9a4b387e-YYZ
expires
Fri, 17 Jan 2025 09:11:06 GMT
bootstrap.min.css
sitchu.com.au/public/lib/bootstrap-4.4.1/css/ 		156 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/lib/bootstrap-4.4.1/css/bootstrap.min.css
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
x-azure-ref-originshield
0MRq0ZQAAAAApFnIaLYOIRZ6TsiXnxPzUTU5aMjIxMDYwNjEyMDExADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
36257
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Sat, 13 May 2023 10:08:30 GMT
etag
"0e3f1dd8285d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
0Khq2ZQAAAACRyuy3F/DbQKvGLVMuqGbSWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
bootstrap.min.js
sitchu.com.au/public/lib/bootstrap-4.4.1/js/ 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/lib/bootstrap-4.4.1/js/bootstrap.min.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
x-azure-ref-originshield
0MRq0ZQAAAABLIZqaVVKRQ7bl2nGmGYb7TU5aMjIxMDYwNjEyMDI1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
22120
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Sat, 13 May 2023 10:08:30 GMT
etag
"0e3f1dd8285d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
0Khq2ZQAAAADi//wjUhOFRpJaT6f1yJ76WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
plyr.polyfilled.min.js
sitchu.com.au/public/lib/plyr-3.6.3/ 		188 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/lib/plyr-3.6.3/plyr.polyfilled.min.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
53c979baa68c9b4fcd97af1e6cb20df6991400f3f2a59c67af3b9758aa4b702b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
x-azure-ref-originshield
0MRq0ZQAAAACPbSYt7RbuS7Q+lmK7rVCkTU5aMjIxMDYwNjEyMDExADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Sat, 13 May 2023 10:08:30 GMT
etag
"0e3f1dd8285d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
0Khq2ZQAAAADu+JeJ8ovFT6kzvoc8vITYWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
plyr.css
sitchu.com.au/public/css/ 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/css/plyr.css
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65d934fbd80a29a2e9a36e213caf54cc8e50e1023918da96e25ff8e96b55b3f4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
x-azure-ref-originshield
0MRq0ZQAAAAAxuPGw4fjMQYmtArXpEwOzTU5aMjIxMDYwNjExMDQ5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
7232
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 May 2023 02:36:21 GMT
etag
"d5c270883189d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
0Khq2ZQAAAAB9gfsteTfeS4k+wo3saD3GWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
content.css
sitchu.com.au/public/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/css/content.css?v=7e371b7b
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
894e03b86d6f28a3c4ca1e370e9193dfb8af69215afd79a06a101279c454c4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
x-azure-ref-originshield
0MRq0ZQAAAAAKptP7Xw+iSYSWaUKhM1jfTU5aMjIxMDYwNjExMDI1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
1203
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Tue, 19 Sep 2023 04:43:47 GMT
etag
"a3b94e0b3ead91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
0Khq2ZQAAAADBIwWPf1fPRKV8n65F6/FsWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
structure.css
sitchu.com.au/public/css/ 		705 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e57adf59378cad4916f5e731188e2bf2c246ccc0300dfee7577d61e3f1f0492
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
x-azure-ref-originshield
0Mhq0ZQAAAAAYy/QvKUXnQKtpWw21jxM2TU5aMjIxMDYwNjEyMDExADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 30 Nov 2023 06:17:21 GMT
etag
"cd48b1e05423da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
0Khq2ZQAAAAB2b1Vb7gTJRJ+2DeQmb7hBWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
globals.js
sitchu.com.au/public/js/ 		329 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/js/globals.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a85012778e30f940eac45b05c1d43e32d0521f9709b3a2baeb8e4168b057f1f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
x-azure-ref-originshield
0Mhq0ZQAAAABgAXSQcewbQaWGx0SltuM6TU5aMjIxMDYwNjEyMDExADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
326
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Fri, 02 Jun 2023 04:09:28 GMT
etag
"14e7886895d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
0Khq2ZQAAAAD/y5wIe5I6SZeQqgdDiUlXWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
main.min.js
sitchu.com.au/public/js/ 		633 KB
229 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/js/main.min.js?v=7e371b7b
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
214444db74a1bb91efc8fdf7e4b6643f9b7182ca78fc43fe09e4746cc8ee5bee
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
x-azure-ref-originshield
0MRq0ZQAAAADUgiTE7Wl+SZ+7TbWQKnlhTU5aMjIxMDYwNjEyMDExADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Tue, 28 Nov 2023 02:40:40 GMT
etag
"4deac746a421da1:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
0Khq2ZQAAAAD935Rqf+5RS7igMGT9ReWTWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
pinit.js
assets.pinterest.com/js/ 		361 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:392::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
203
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7e738e72e6200beb9a5c3494e53eded8832687985d14e0a1726ec87056489f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51455
x-xss-protection
0
server
cafe
etag
5304427234667037547
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 28 Jan 2024 09:11:07 GMT
17664_sitchu_prebid.js
ads.rubiconproject.com/prebid/ 		484 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.0.25.37 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-25-37.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
03d4b4af65e26ec3c9a8bf4f59f97a59e5b635065f3440f56a1ce2e59b0f7129

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 00:06:11 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
155074
expires
Sun, 28 Jan 2024 09:11:07 GMT
gpt.js
www.googletagservices.com/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e734d625964362a28120f3b4d5cfe5480839c8b5f2760d0f2c397b50c0d1c25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29397
x-xss-protection
0
server
cafe
etag
623 / 19750 / 31080709 / config-hash: 16415232170016434785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:11:07 GMT
widget.js
pubfeed.linkby.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pubfeed.linkby.com/widget.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27b4b60b3e60991da0a05e106deed8ccd6f375938eb6e0ca50f4ab947b07434
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvggL6Z9ci5azKkspzaO4d0A%2F80ShtG5fyuuHLPIau%2Fl4hwRu1nK%2BwQvXqsP1wL%2BFLqT4%2FuRCVuDjescZPNq7LwM6QWEpvRtKbISGjYKRokLcV0xa4pM0xHXVGgwdt4BIBZBb6atGslPewin8rup0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
cf-ray
84c81b2ef8b0711c-YYZ
polyfill.min.js
sitchu.com.au/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/polyfill.min.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d66a9e827146c7cffff75212032752172352dc9eca81efe3ff413eb9e008f73a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
br
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
last-modified
Sat, 13 May 2023 10:07:48 GMT
x-azure-ref-originshield
0MRq0ZQAAAADJtfTFOyx4Qb0Zl/zFTq2ZTU5aMjIxMDYwNjEyMDM3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
etag
"032e9c48285d91:0"
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT
content-type
application/x-javascript
x-azure-ref
0Khq2ZQAAAABAzerUd6wIRKbFP36CjBE4WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
aspnet-validation.min.js
sitchu.com.au/App_Plugins/UmbracoForms/Assets/aspnet-client-validation/dist/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/App_Plugins/UmbracoForms/Assets/aspnet-client-validation/dist/aspnet-validation.min.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ec1354cc3f6369a90643d5de621f814996a62d6bf0635f60243928724ceb762
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
br
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
last-modified
Sat, 13 May 2023 10:07:46 GMT
x-azure-ref-originshield
0MRq0ZQAAAACG8h+WfBYwRokx546yIDT5TU5aMjIxMDYwNjExMDM1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
etag
"05b8c38285d91:0"
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT
content-type
application/x-javascript
x-azure-ref
0Khq2ZQAAAADWn0sEYXQBQKSOrbCA3tn4WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
addthis_widget.js
s7.addthis.com/js/300/ 		56 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.74.139 Sterling, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-74-139.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
server
Oracle API Gateway
opc-request-id
/6211A37311E3F750E5C2953403171214/6706DC83F7A0C3AA92745885FA7DF92B
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
la-planchelie-re.jpg
sitchu.com.au/media/kkwf0p4a/ 		270 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/kkwf0p4a/la-planchelie-re.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133428801752600000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
19b988d0f8f0e1c99983821e19ff56c5be742fcaca8437e03790db7b1aee93fc
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAAAg8czf99QhS5oGD+t15uL7TU5aMjIxMDYwNjEyMDE3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
276600
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:42 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D1D994A8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAADuML2qltARQpfZEZAdzpMTWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:35 GMT
happy-hour-cocktails-co2.jpg
sitchu.com.au/media/55dppyft/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/55dppyft/happy-hour-cocktails-co2.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029185394300000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
15e21f72c9966cab46d76ee4b8fba118421dfb34dd67dbf2eef5b88d1b5e192d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAAAft9xspUt6So9hQGm7jTpvTU5aMjIxMDYwNjEyMDQ3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
78740
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:41 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D1CC291F"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAAAGF4D9b/TfQojTJQFpbeD0WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
jose-cuervo-sparkling-margarita.jpg
sitchu.com.au/media/qkroamtq/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/qkroamtq/jose-cuervo-sparkling-margarita.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133428791324030000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
91a08156cbe6d7ab937b8d779a7f83dbdfaaf9cebc8ef1057ae2e8d4fd0e29fe
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAABQ4qvU4PkiQaF/SoImp+rSTU5aMjIxMDYwNjEyMDQ1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
94028
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:43 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D283775E"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAADz5oU0N/45TLMM0xBqKjGcWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
gin-oclock4785.jpg
sitchu.com.au/media/0gbb0zh4/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/0gbb0zh4/gin-oclock4785.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133150120986730000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
38a0a3a58c0c1be90e6210105ee40bc5d6a097f0c09c25bfc1be017fec24702e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAAD3gbHLQTDJQoNXMDL28kKDTU5aMjIxMDYwNjEyMDM1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
97240
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:43 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D2DC86CF"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAABOyw4nAUP3TItjse1zRQkQWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
vokc23116_canlaunch_20230901_0493.jpg
sitchu.com.au/media/lidpoqkh/ 		213 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/lidpoqkh/vokc23116_canlaunch_20230901_0493.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133434826172900000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e1830495ca7995e0749aec0797b8b9337ee1bb84c87e5fd5a83f1500e53ca40
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAADuURlIsQe0Q6JfSnji3zWETU5aMjIxMDYwNjEyMDQ5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
217732
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:48 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D57F0951"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAABUXn7b+RmlSpmOfd8uzmTsWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:35 GMT
feels-botanical.jpg
sitchu.com.au/media/ws0px50n/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/ws0px50n/feels-botanical.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133428867731300000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ace259e3982f650bcefd30c745406e84774581082c5cb04a831befeba3577008
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAADMyxf0edkdQqpkRPCOQsmZTU5aMjIxMDYwNjExMDQ5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
123850
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:45 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D3A29FED"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAAB6XscJFPRUQafLuSiVKlu2WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
818-kendall-jenner.jpg
sitchu.com.au/media/apnjqd1t/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/apnjqd1t/818-kendall-jenner.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133428869559670000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dff8be87b88dca2f9d4421f450f67b55d9173ebe620cbede5a93653c1587d138
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAACtUuWQUrI5TolPBgOjPblZTU5aMjIxMDYwNjExMDQ5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
198662
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:45 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D3A2C6F9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAACfuC2HAzp1Tr1tI1ffNFSTWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
zoncello.jpg
sitchu.com.au/media/ty3advrz/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/ty3advrz/zoncello.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133428860769700000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8914a15fb38f5f4e87b7cdb9ec68da9800afc7bbdbc04f1e76d48ffacb5f4aee
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAACrONGSjER2TJSXmTCQ41+XTU5aMjIxMDYwNjEyMDM1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
34392
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:47 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D53E123C"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAADpZmeaxZpRQYGL5eenat2TWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
basic-babe-boxtails.jpg
sitchu.com.au/media/e4anxtbg/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/e4anxtbg/basic-babe-boxtails.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029185466670000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5eb2ea13e177269cb95cd5497443c659d11864331e3ad9bc0aeb562826fff36f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAAC3L1hU9eNaT72hxQH/iSayTU5aMjIxMDYwNjEyMDE3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
111948
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:48 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D57F0951"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAACbDIjlyqTBSrwCaS40epEiWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
pool_2.jpg
sitchu.com.au/media/5bebo5tu/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/5bebo5tu/pool_2.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029228198300000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
946544050aff51e47957742b6abb577879a4e376c7cb0bc9f6c3cfb86f40012e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAADxUDmfp0f1RLhohudU0HbiTU5aMjIxMDYwNjExMDQ3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
102238
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:47 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D53EFC73"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAABneQFru4+1RJO51Mq1IYA7WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
mr-black-espresso-martini.jpg
sitchu.com.au/media/ps1mm1bf/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/ps1mm1bf/mr-black-espresso-martini.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029185474800000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e7e3fe6dce2265f8226a04225e24dfd295c2902a02c3db3f11f0bc4388038dbc
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAAD21coFdz6pQ7TP81glWXT5TU5aMjIxMDYwNjExMDI5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
124050
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:49 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D65E4C11"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAABtkl3zl3+OSrV/gdmu1FeZWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
twisted-shaker.jpg
sitchu.com.au/media/ndtbuk4b/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/ndtbuk4b/twisted-shaker.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029185414600000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
60416bd1acf530fc20c719e59d5d1f6da639d84d2207e301f614313806f27abe
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0j+G1ZQAAAADE6P4dsGu+Qq4Vo6DC/ZunTU5aMjIxMDYwNjEyMDI3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
74182
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:47 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D541460D"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAACz+rw5oivwQbSXoESIeMn3WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
sofi-spritz.jpg
sitchu.com.au/media/efef14km/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/efef14km/sofi-spritz.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029185458370000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3949e8c3f19db5278eba34665274221d5a7e8793529b8e99617237dc77e5a47d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0kOG1ZQAAAAADhaEAJz30T4fNlk8dJ1DFTU5aMjIxMDYwNjEyMDUzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
124306
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:47 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D53ED56B"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAAA44V04+obWQa1TQgahYd0rWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
poor-toms.jpg
sitchu.com.au/media/wqvgfu5x/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/wqvgfu5x/poor-toms.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029185450870000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e8fa03ab596e71d025d9e2d7d4436d63820e1389c166ba4efceb31fb12928cc
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0kOG1ZQAAAAAnU5Y7D0TXRoxmpR+MYoePTU5aMjIxMDYwNjExMDI1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
104400
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:47 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D53F4A8A"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAADFGvUJh3pJT6APHH6h7ixCWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
archie-rose-canned-cocktails.jpg
sitchu.com.au/media/1m2cfn4a/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/1m2cfn4a/archie-rose-canned-cocktails.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029185401330000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
359c434bb9040993aee695d1bc51dcdd0a1bb79d6e74ddf17da16e9bc4405ce0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0kOG1ZQAAAABR+Wv8+2cpS7vQvSuiMxpATU5aMjIxMDYwNjExMDExADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
168100
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:48 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D58F81A8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Khq2ZQAAAADqNq+IoZQ3TKxUcA1GZTX8WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:37 GMT
rose-spritz-riot-wine-co.jpg
sitchu.com.au/media/uvrlbws0/ 		363 KB
364 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/uvrlbws0/rose-spritz-riot-wine-co.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029185362900000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e99a8a063369005584285f4f0457211cfde5eb4f51d834c07e19bd711ab40adf
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0kOG1ZQAAAAAlcEf5QlCsSLV+6okpdJodTU5aMjIxMDYwNjEyMDUzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
372112
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:47 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D541BB2C"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAAD4A1YaziKjQ4OUlhQlZazLWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:37 GMT
saintly.jpg
sitchu.com.au/media/kown4gbx/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/kown4gbx/saintly.jpg?mode=max&width=1400&format=webp&quality=80&rnd=133029185481370000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44e81482a58ff82f29af0e4448ba80104d539d344ae645737b86b5764b4c2800
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0kOG1ZQAAAABwmG7KWYN6SqPbXkQCGoKETU5aMjIxMDYwNjExMDMxADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
34060
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:47 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D5420942"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAACb/vBEZSKNR7IrWG2Ns+t1WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:36 GMT
manly-spirits.jpeg
sitchu.com.au/media/m3oh1fhb/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/m3oh1fhb/manly-spirits.jpeg?mode=max&width=1400&format=webp&quality=80&rnd=133034315245130000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d5f34e13552fb06a8c2920977b48ffc70e94d3e0df8f1b22eb9f006263280eec
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0kOG1ZQAAAAA88IAyWrUZTor8SP4aMxtPTU5aMjIxMDYwNjEyMDE5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
51576
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 05:53:45 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1CA0D3A1DCBB"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAABMgKNxGVTzRonv6wHgFWjfWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:37 GMT
191189682_810755119645330_6986214440085296234_n.jpg
sitchu.com.au/media/1x5jg3tr/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/1x5jg3tr/191189682_810755119645330_6986214440085296234_n.jpg?anchor=center&mode=crop&width=300&height=300&rnd=132672519680830000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
58124f5d03982a049dd24f8a4a9ad1f30aa532d427394b51e784ccda9eebdb0c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mxq0ZQAAAAA10/fj6YDDQJp0pDqWHZUwTU5aMjIxMDYwNjExMDA5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
18032
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:59:32 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E24273397E"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAACQ9W/V542wQr+/oEQbo8V2WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 01:57:16 GMT
191246356_515856939733774_4696908606369293421_n.jpg
sitchu.com.au/media/n1xfjdbr/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/n1xfjdbr/191246356_515856939733774_4696908606369293421_n.jpg?anchor=center&mode=crop&width=300&height=300&rnd=132672521860630000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
28322f192e91e4154e6b87257070155a3d45e5dd5c77baeff3eac8c4e53700a2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0fnO1ZQAAAABBb3sk+bTNTaXwT9yqxo+LTU5aMjIxMDYwNjEyMDI5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
24210
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:59:32 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E2426E7F3D"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAABvkswnwdmsRbr+OSEQPxfwWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 03:45:47 GMT
185273936_524077938613399_5700536719377388314_n.jpg
sitchu.com.au/media/os1d1gdg/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/os1d1gdg/185273936_524077938613399_5700536719377388314_n.jpg?anchor=center&mode=crop&width=300&height=300&rnd=132672519700200000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7aded4b6fa758811cf06cf7ef6fb9478f1ab7481d62019afd68c244043868fbb
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mxq0ZQAAAACTbEzNhK6zT7Ste2E85up0TU5aMjIxMDYwNjEyMDQ1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
20938
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:59:32 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E242764652"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAAAnUdIp5jChT7KifPkfdNjPWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 10:51:54 GMT
163646834_308078640703140_3587552719978873426_n.jpg
sitchu.com.au/media/vaqptbl0/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/vaqptbl0/163646834_308078640703140_3587552719978873426_n.jpg?anchor=center&mode=crop&width=300&height=300&rnd=132672520716730000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ec247a1b2275254c5400d53d5247110431bbf8579dc10dbbd4bade989731a67
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mxq0ZQAAAABGORrPas5TTYq4ksbHVh9RTU5aMjIxMDYwNjEyMDIzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
24150
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:59:32 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E2426ECD54"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAADlY4O2tLj1TYVkzbv1LrUeWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 10:51:54 GMT
173918616_809708072971040_7116653031431811595_n.jpg
sitchu.com.au/media/qzziutr1/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/qzziutr1/173918616_809708072971040_7116653031431811595_n.jpg?anchor=center&mode=crop&width=300&height=300&rnd=132672521928130000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3872834c221af290619172524f3381c7d3680d25285b012373541ffa0ba7fa7b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mxq0ZQAAAACFh4LNiA45QY44ARUbnKlRTU5aMjIxMDYwNjExMDExADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
20778
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:59:32 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E242764652"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAABNEyQ5pd8mQrpGOPFv7XDTWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 03:45:49 GMT
188922147_506605033813939_1679992772611423833_n.jpg
sitchu.com.au/media/0kwo03py/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/0kwo03py/188922147_506605033813939_1679992772611423833_n.jpg?anchor=center&mode=crop&width=300&height=300&rnd=132672519676600000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c590dee405623c2daf174bd7302bfd61fd792b0261b2187d4ca2871272c4f604
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mxq0ZQAAAABNHbL3BpNpQ6ei07EQKtXbTU5aMjIxMDYwNjExMDI5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
23598
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:59:32 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E2426E5839"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAACd4YSAL1XnR5VyrzyG/NQ5WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 10:51:53 GMT
232869X1715445.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/232869X1715445.skimlinks.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
47f9f9a25546e55e8c53d8b2142dccfa4420bf799a6e97af1e5866184761e9ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 09:11:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2023 14:51:41 GMT
Server
AmazonS3
x-amz-request-id
MQW0Q158XZ4XXFKY
ETag
"cf41446a9d0d21ef6aec8771d3f7b62e"
X-HW
1706433067.cds213.ch4.hn,1706433067.cds227.ch4.c
Content-Type
application/octet-stream
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18897
x-amz-id-2
CnhNye3eZmZeb7h9C2ZdpsvwapI6wFhl8csF5b1lq9omaZy9WW73n+p3f1a8PU+gqXC/8jgOYak=
gtm.js
www.googletagmanager.com/ 		232 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WF79DL
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7fb0b00e340d96b1ef45b37b502f615d0332871d571ea5aca32d691d55319ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83260
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 09:11:07 GMT
sitchu-logo.svg
sitchu.com.au/public/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/public/img/sitchu-logo.svg
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a70dbfb77425fbfcb960ae4bc0c61ca9ebd4efa26be65f3b3a8581ab5f38fd1
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
content-encoding
br
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 09:11:06 GMT
last-modified
Thu, 18 May 2023 23:26:55 GMT
x-azure-ref-originshield
0Mhq0ZQAAAADiwEg84qiLRJN5vBUStXR9TU5aMjIxMDYwNjEyMDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
etag
"4eb22f3ce089d91:0"
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT
content-type
image/svg+xml
x-azure-ref
0Kxq2ZQAAAADUWVGB/dkhRoYQdYrAHHuNWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
sitchu.woff2
sitchu.com.au/public/fonts/sitchu/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/sitchu/sitchu.woff2?2c9c26c3
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac48f5437335e7f5181805b97f44084fb92bd31c9e4e2f454b1d558328501379
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mhq0ZQAAAACjt725VjXFRoMavO8CnLerTU5aMjIxMDYwNjEyMDM1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
22444
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
etag
"3730e333f12da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
0Kxq2ZQAAAABuH0+HgWBrQps4+yc3PqB5WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
content-type
font/woff2
access-control-allow-origin
https://sitchu.com.au
access-control-expose-headers
Request-Context
accept-ranges
bytes
FreightDisplayPro-Bold.woff2
sitchu.com.au/public/fonts/FreightDisplayPro/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/FreightDisplayPro/FreightDisplayPro-Bold.woff2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52843081ed86c80245ce48bf3373f8535fd3dd90bcb0d67f5e27624e1606efee
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mhq0ZQAAAAB6PC32rlmKTYgzZwrpOepCTU5aMjIxMDYwNjExMDIzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
37036
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
etag
"8844d733f12da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
0Kxq2ZQAAAABSn4xTZS70QLlBXQIDEMkYWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
content-type
font/woff2
access-control-allow-origin
https://sitchu.com.au
access-control-expose-headers
Request-Context
accept-ranges
bytes
Lato-Regular.woff2
sitchu.com.au/public/fonts/Lato/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/Lato/Lato-Regular.woff2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74653656581433002feaf65fc867dd9c4e984f9b20cfb07b0a5861cc4d57bf42
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mhq0ZQAAAADzzdxetX5pSIifACrt0wl5TU5aMjIxMDYwNjExMDIxADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
29408
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
etag
"8844d733f12da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
0Kxq2ZQAAAAA9skh1/uEqTJzXm1a30xA8WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
content-type
font/woff2
access-control-allow-origin
https://sitchu.com.au
access-control-expose-headers
Request-Context
accept-ranges
bytes
Lato-Semibold.woff2
sitchu.com.au/public/fonts/Lato/ 		221 KB
221 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/Lato/Lato-Semibold.woff2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74b2262e2167995731797e377d48c41693f3c40e0271c33afc614f4de36662f9
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
x-azure-ref-originshield
0Mhq0ZQAAAAAtX77NjySaSYsehX4W58m/TU5aMjIxMDYwNjExMDM5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
etag
"d97fb33f12da1:0"
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT
content-type
font/woff2
x-azure-ref
0Kxq2ZQAAAACm4A/fhb63TLNo4M5GTs3VWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
content-length
225828
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
Lato-SemiboldItalic.woff2
sitchu.com.au/public/fonts/Lato/ 		235 KB
235 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/Lato/Lato-SemiboldItalic.woff2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
98844050600b451536765c57fd68067fa7ce87e3e56d1fb3d910b8295476a0ca
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
x-azure-ref-originshield
0Mhq0ZQAAAADXC3Ryql55SpgHbZv5ji98TU5aMjIxMDYwNjExMDE3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
etag
"d97fb33f12da1:0"
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT
content-type
font/woff2
x-azure-ref
0Kxq2ZQAAAAAbFM9DEqWFTp6DIzhSJAHXWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
content-length
240712
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
scripts.js
applets.ebxcdn.com/applets/sitchu.com.au/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://applets.ebxcdn.com/applets/sitchu.com.au/scripts.js
Requested by
Host: applets.ebxcdn.com
URL: https://applets.ebxcdn.com/ebx.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:d4ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
119fa857acfc0042b09f8b1014786ba4b258d4878f2224c9c9c79466b15078aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2372
x-amzn-requestid
3c3b714b-e3bd-4b16-8240-9b32ba1ca26b
x-amz-apigw-id
SPeUPF3QjoEEWQA=
content-length
1572
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jan 2024 12:58:56 GMT
server
cloudflare
etag
rFDAyFdA1UxU9sm/R0v3Sg==
x-amzn-trace-id
Root=1-65b610e7-4ac5990874f63c784ba02310;Sampled=0;lineage=388d0713:0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9xGCGjy1BDFN%2F%2Bs1BhX21DEybhU0spKj9cCWhDnsUdVF6UNzM%2FgRfHcY12kjN9dvJHwVYigxsp40J0ARB3t9%2F5r7IJG0TaMi0B9D2891J%2FkOdc%2BnMfweSI0Mne1ze7k8kdmfSRcBQrL%2BVnttBCqs5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=300, no-transform
accept-ranges
bytes
cf-ray
84c81b2ed8bc3a0a-YYZ
truncated
/ 		156 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9ef001654c00e8a76aa2ddcfcaf6717f22cc5f16f2dce85f0656fb8e5371b3a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
sitchu-default.png
sitchu.com.au/public/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/public/img/sitchu-default.png
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
94832ccc793a73db3129e5007f4b6afe98f96e563a5e38fe10193ac2141c687a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 23:26:55 GMT
x-azure-ref-originshield
0Mxq0ZQAAAABqbM5AZKxfRL/OqMRz2DOITU5aMjIxMDYwNjEyMDI1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
etag
"4eb22f3ce089d91:0"
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT
content-type
image/png
x-azure-ref
0Kxq2ZQAAAABGLWdr6AwiT4Ps4U0cFG+QWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
content-length
11772
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
FreightDisplayPro-Medium.woff2
sitchu.com.au/public/fonts/FreightDisplayPro/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/FreightDisplayPro/FreightDisplayPro-Medium.woff2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
749c93c9b1c73c6882983673ac410bbb423b38ca2b915bfea9db74b4adfe2328
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
x-azure-ref-originshield
0Mhq0ZQAAAAA3E+JlXgdITLGFoh9ETAbJTU5aMjIxMDYwNjEyMDUzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
etag
"9d7fd233f12da1:0"
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT
content-type
font/woff2
x-azure-ref
0Kxq2ZQAAAACxXFsk6bkiRZrr27JrGSjGWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
content-length
35456
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
Lato-Italic.woff2
sitchu.com.au/public/fonts/Lato/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/Lato/Lato-Italic.woff2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32ecdf42bc9232474c0c30f77d3b885b66d8c7f8b6ab1b52f51fa388b71a56d1
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mhq0ZQAAAAB2eig8vNd4SpEQcQxQYkd5TU5aMjIxMDYwNjEyMDE3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
30500
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
etag
"8844d733f12da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
0Kxq2ZQAAAADxwWwOiZBURZ1HuakzkQcSWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
content-type
font/woff2
access-control-allow-origin
https://sitchu.com.au
access-control-expose-headers
Request-Context
accept-ranges
bytes
Lato-BoldItalic.woff2
sitchu.com.au/public/fonts/Lato/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/Lato/Lato-BoldItalic.woff2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c47589e45f8daa3988494b038d9f6892108ea50d153b6b9085f2ba3843643fb4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
x-azure-ref-originshield
0fxq0ZQAAAACYs3uvqKOKRJ4FPY/pn72vTU5aMjIxMDYwNjEyMDQ5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
etag
"f9e1d433f12da1:0"
x-frame-options
SAMEORIGIN
x-cache
TCP_HIT
content-type
font/woff2
x-azure-ref
0Kxq2ZQAAAABt4DbMz/UgQpX84trm0WXWWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
accept-ranges
bytes
content-length
30760
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
Lato-Bold.woff2
sitchu.com.au/public/fonts/Lato/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/Lato/Lato-Bold.woff2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
95601b37f52a987327d696dbc9967bd4ca5f395bc30f85e44688dd0b5b11f7ca
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0fxq0ZQAAAACycutxcpTVS6XndvRdR5sDTU5aMjIxMDYwNjEyMDUxADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
28860
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
etag
"9d7fd233f12da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
0Kxq2ZQAAAABBN1WnGMwQQoPUGvc91ii9WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
content-type
font/woff2
access-control-allow-origin
https://sitchu.com.au
access-control-expose-headers
Request-Context
accept-ranges
bytes
FreightDisplayPro-BoldItalic.woff2
sitchu.com.au/public/fonts/FreightDisplayPro/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sitchu.com.au/public/fonts/FreightDisplayPro/FreightDisplayPro-BoldItalic.woff2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8bd8becbff89b3eb57b3a6436955f9df5cab6e74db98ca1b6cdc7aa08875939a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/public/css/structure.css?v=7e371b7b
Origin
https://sitchu.com.au
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:06 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mhq0ZQAAAAAFctDftlmMTLGMyKZvKGtLTU5aMjIxMDYwNjExMDM5ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
38692
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 08 Nov 2023 12:28:01 GMT
etag
"791dd033f12da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
0Kxq2ZQAAAAAaLyLHxQcTTpR3i5zFoUvQWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
content-type
font/woff2
access-control-allow-origin
https://sitchu.com.au
access-control-expose-headers
Request-Context
accept-ranges
bytes
/
r.skimresources.com/api/ 		181 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/232869X1715445.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
2aa682dee831fcc38b0cdc075022905f33102bfba6e53c4bdf53a47b79a4156b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sitchu.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
robots.txt
t.skimresources.com/api/v2/ Frame E61A 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.7765183482546858
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
via
1.1 google
cache-control
private, no-store
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=9.339197352911652
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sun, 28 Jan 2024 09:11:07 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=9.339197352911652
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Sun, 28 Jan 2024 09:11:07 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
rafi_pdr_steven-woodburn-9.jpg
sitchu.com.au/media/yizdzcqd/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/yizdzcqd/rafi_pdr_steven-woodburn-9.jpg?mode=max&width=489&rnd=133383106719970000
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
070a43606fd41106eddc18d4b8f9e8a61b1fc6ab016db86a51e6d9d84725e084
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:07 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mxq0ZQAAAACr3OCuXzy+TI3AyM2PjQJGTU5aMjIxMDYwNjExMDIzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
65308
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Mon, 04 Sep 2023 04:18:03 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DBACFDEEB56D6C"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-azure-ref
0Kxq2ZQAAAABBlXoIaZOvQomyeMOv8fP2WVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 11:02:21 GMT
t
pubfeed-edge.linkby.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pubfeed-edge.linkby.com/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sitchu.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
84c81b31fe43a20e-YYZ
content-length
0
date
Sun, 28 Jan 2024 09:11:07 GMT
expect-ct
max-age=86400, enforce
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3pHjOdAdfrL2ZKjEKcye5pPEWWimGrp5SVg5ZEtc0s1u2w%2FbEv0l6wv7YShe7AJLKeAY7nLegrAUVciH2X3HG%2Bezj9JcIwvsGR20Sv5IQevYZpYwmedf2jL6rekNwAVI%2Br1dIttSay8sj8TRmUO6JOvbrCZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
t
pubfeed-edge.linkby.com/ 		0
0
serve
pubfeed-edge.linkby.com/ 		2 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubfeed-edge.linkby.com/serve?start=2024-01-28T09%3A11%3A07.439Z&url=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&lbpf_type=null&index=0&type=listicle&id=_vfqdxm4mw&loaded=true
Requested by
Host: pubfeed.linkby.com
URL: https://pubfeed.linkby.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:08 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOaa39FB1kvqmGyLR0y7hewlqo3B0CxqhZTu%2F0n6UlbN5pZDf0ffMgU3%2F1o6tiBKgrXOvbo9uUKjnrINVxnZFWi0KjHHC47JoVQJuXPZ0%2FTTWYCLbEgN2%2FoYYueTrAtNZnQ4ZsW7s5k54Fmi9AhZw5Odbgx%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-ray
84c81b31fe40a20e-YYZ
institutpolaire.jpeg
sitchu.com.au/media/0ujjlkmj/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/0ujjlkmj/institutpolaire.jpeg?anchor=center&mode=crop&width=540&height=360&rnd=133401185100700000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
87f711a390809f6bef5c99ad1aa5456a08884e4ea31e3b485b6489709a58acf1
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:07 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0k+G1ZQAAAAC86aMGsVcoSIsrVttEAhfHTU5aMjIxMDYwNjEyMDIxADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
24724
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 02:47:40 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1C86D5418589"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAAA67WLohH8nQ6TWwKd0db1JWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sun, 04 Feb 2024 05:09:40 GMT
burrata-harper-rooftop-bar-sydney.jpg
sitchu.com.au/media/zbkgx3ce/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/zbkgx3ce/burrata-harper-rooftop-bar-sydney.jpg?anchor=center&mode=crop&width=540&height=360&rnd=133450349761130000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c389ae49082133005cbd002d4b8a7758f18d7b80796db16b065690e67456eda6
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:07 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0lOG1ZQAAAABT8ijioXh7RrQ+ldSFpHCyTU5aMjIxMDYwNjExMDQ3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
47606
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Wed, 24 Jan 2024 02:17:59 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1C82AFC36B97"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAABBpmvff+xlRb8qUWdP6/PrWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Sat, 03 Feb 2024 06:04:36 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240128
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d3077011765285f6ffa716441507ef1538a722e0f5f16c86296ff966f31323d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 28 Jan 2024 09:11:07 GMT
x-content-type-options
nosniff
content-encoding
br
age
18620
x-jsd-version
1.0.1948
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
858
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4577-YYZ
x-jsd-version-type
version
etag
W/"640-UroqBa6JJAfgHF4ZPF41sYcUopo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/ 		436 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
77584
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139565
x-xss-protection
0
server
cafe
etag
12534472742743793976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 26 Jan 2025 11:38:04 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/ 		405 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js?bust=31080696
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5561b69e6df580176b0a8021f1b0e8950134b17f910d5f4902d50194e8aed3ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140811
x-xss-protection
0
server
cafe
etag
2422450018045791394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:11:07 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 1D89 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
56089
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 17:36:19 GMT
etag
3890843268177463596
expires
Sat, 10 Feb 2024 17:36:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
deux-feres-jude-cohen-3.jpg
sitchu.com.au/media/oo4jophu/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/oo4jophu/deux-feres-jude-cohen-3.jpg?anchor=center&mode=crop&width=540&height=360&rnd=133449731450400000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce82c3639ea8b6e23e7b5500c60fc2985b33efd727b3600e5a59730c36891578
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:07 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0g3O1ZQAAAACfCRMOa26GQoljCRWI4Qj7TU5aMjIxMDYwNjExMDI1ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
37696
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:53:24 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E166D6DCD8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAADgwriBeoY3Q6UOPjFZfdxHWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 11:02:23 GMT
js
www.googletagmanager.com/gtag/ 		289 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HNMZX1H0LD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF79DL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe54bd43a49778844f11620aa0d691ae03aeb0770eaaa270a24b7f9737b9da1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96265
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 28 Jan 2024 09:11:07 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF79DL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 28 Jan 2024 08:50:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1259
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 28 Jan 2024 10:50:09 GMT
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF79DL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:392::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
005fdfd3685a6dea398449f326f814f2e6de5e7133107b981a90b4e95584f72f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"ad1325c16ccac3a8f0f92f032d33fe3c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
1864
fbevents.js
connect.facebook.net/en_US/ 		213 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 28 Jan 2024 09:11:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57158
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
rD8qwMwKYjxomp7ZYKg1v3FcPWo683FX3RYWHj5Y4Vz4i+XqE8f0yi9EOAhbGnPMN+6oiIuIjrHwFJTZH8YjAg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-446291.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-446291.js?sv=5
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-120.yul62.r.cloudfront.net
Software
/
Resource Hash
95518cddc4928e415c3ce1757d92d34522b3252d6cd1d6806d717edbb3eb80ae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 0cf68108b8820db4a096a661da0108ba.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
etag
W/2231ef43583b08fe9ec0e40021420291
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
kpWJYLYeMiVWs-nsmkKSv-wCctkRaCV8I2koln2pqHxqURUR9D2yBg==
oribi.js
cdn.oribi.io/Xy0xMzE3NTk5NDA2/ 		338 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.oribi.io/Xy0xMzE3NTk5NDA2/oribi.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2191:3200:13:c079:7880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
d40eae5a0305754ca9eab8fa2f9f94d52194c8e1f74fde91c51de5557ef785c6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 18:33:17 GMT
via
1.1 824fe21e467658628899bdd8725649ee.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
IAD89-C1
age
1175871
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
content-length
338
x-amz-cf-id
5RMdOhADY87ti0BK2fU5EMWMsx3zJwCwwAnw5fHfC0HAMbLeV_GfWw==
pinit_main.js
assets.pinterest.com/js/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.6417974507057695
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:392::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=300
accept-ranges
bytes
content-length
18679
page
t.skimresources.com/api/v2/ 		22 B
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/232869X1715445.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:07 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.11 aiohttp/3.8.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://sitchu.com.au
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link
t.skimresources.com/api/v2/ 		22 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/232869X1715445.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:07 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.11 aiohttp/3.8.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://sitchu.com.au
warning
299 - "Deprecated API"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
the-charles.jpg
sitchu.com.au/media/glfp3dqs/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/glfp3dqs/the-charles.jpg?anchor=center&mode=crop&width=540&height=360&rnd=133250130217970000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1d88e8b8af499c450916cb436c5bde6bdce2ca60be07720de8b10766b00c10b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:07 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mxq0ZQAAAACh2C8b2MrVR7so8laC6AE5TU5aMjIxMDYwNjEyMDI3ADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
39690
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:53:33 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E16C4A8AD9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAAAu1mW4YtlzQ7bxsUz0vXEmWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 11:02:24 GMT
main.a6d15c2a.js
s.pinimg.com/ct/lib/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.a6d15c2a.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:392::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f2966780d964488ce801cd252ec0fcfc01281842f3b8302a6efa22d9ef308d10

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"d95b98c078431d7b6709ad96c5145472"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
19184
sydney-festival_hero_octopus_te-wheke-a-muturangi-the-adversary.jpg
sitchu.com.au/media/ezeppx4g/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/ezeppx4g/sydney-festival_hero_octopus_te-wheke-a-muturangi-the-adversary.jpg?anchor=center&mode=crop&width=540&height=360&rnd=133456576127500000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2505df2707dd8fd2956fdb14ebec64050ce636df06f999cf04ba0ae1d1bdf475
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:07 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mxq0ZQAAAAB0wYa79G4vQqUOGmrKW86ZTU5aMjIxMDYwNjEyMDUxADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
21082
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:53:39 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E1700C5C21"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAADzmaeAjkr5R6LBOjIxlsBbWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 10:52:08 GMT
collect
analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-HNMZX1H0LD&gtm=45je41o0v9100594664z872267824&_p=1706433066948&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1049417713.1706433068&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706433067&sct=1&seg=0&dl=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&dt=The%20Best%20Australian%20Pre-Mixed%20%26%20Canned%20Cocktails%20to%20Sip%20on%20Over%20Summer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5697
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNMZX1H0LD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HNMZX1H0LD&cid=1049417713.1706433068&gtm=45je41o0v9100594664z872267824&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HNMZX1H0LD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HNMZX1H0LD&cid=1049417713.1706433068&gtm=45je41o0v9100594664z872267824&aip=1&dma=0&gcd=11l1l1l1l1&z=1645164133
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0v6a7098.jpg
sitchu.com.au/media/x2yfgcek/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/x2yfgcek/0v6a7098.jpg?crop=0,0.14327863536006588,0,0.41205990630660083&cropmode=percentage&width=540&height=360&rnd=133504777314900000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f5f6d7bffcab0093129bfab94fc42ad82ed68a9d921d65c59b09962214a78dce
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:07 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0Mxq0ZQAAAACCePXTSPYiTr5DnZZkoSXnTU5aMjIxMDYwNjExMDMxADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
17326
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Tue, 23 Jan 2024 00:58:26 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC1BAE68231D9E"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0Kxq2ZQAAAAAtgrfr8/RiQqQsLzVhHuBVWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 10:52:11 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A9D4 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355958662230762&output=html&adk=1812271804&adf=3025194257&lmt=1706433067&plaf=7%3A2&plat=2%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706433067619&bpp=5&bdt=1301&idt=298&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4986291933516&frm=20&pv=2&ga_vid=1049417713.1706433068&ga_sid=1706433068&ga_hid=744596437&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080588%2C44795921%2C31080696%2C95320377%2C95320868%2C95320894%2C95321627%2C95322163%2C95323007&oid=2&pvsid=2822745632650962&tmod=207921342&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=328
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js?bust=31080696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d5418cd2aadd794dee573972191418cd3e9718312ec7890235dc2a15533f6f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4579
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:08 GMT
expires
Sun, 28 Jan 2024 09:11:08 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		303 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2613287257861&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1706433067958&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a6d15c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
decfb6b65c936cb4e06e0d666c00db86f3c7a967686d2754c900cd86dca5e1c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:08 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
4961339437053582
content-length
175
pin-unauth
dWlkPU9EUm1ZalEwTVdFdFlqUXpaQzAwWWpOaUxXRmlZamt0TkRBMFpXVTBaRE0wWmpFMg
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sitchu.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
531b9cd0463f023a295955d14cd84d005b70b1e1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2613287257861&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22a6d15c2a%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1706433067960
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:08 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
531b9cd0463f023a295955d14cd84d005b70b1e1
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
15
alt-svc
h3=":443";ma=600
x-pinterest-rid
8217840862767129
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
flowers-carriageworks_farmersmarkets_sydney_credit_jacquiemanning-85.jpg
sitchu.com.au/media/bjga1yua/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sitchu.com.au/media/bjga1yua/flowers-carriageworks_farmersmarkets_sydney_credit_jacquiemanning-85.jpg?anchor=center&mode=crop&width=540&height=360&rnd=133451281811430000&format=webp&quality=80
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bfce4c0391113cf5a77f4fd80b62e9926609d8747fce84615bc2d4cd5a391a01
Security Headers
Name Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400
date
Sun, 28 Jan 2024 09:11:07 GMT
x-content-type-options
nosniff
x-azure-ref-originshield
0NBq0ZQAAAABCH8TYu8bPRL4xdNnTZL4hTU5aMjIxMDYwNjEyMDUxADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
x-cache
TCP_HIT
content-length
48364
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4c7d9100-279e-4902-80da-c77d61cd8b48
last-modified
Thu, 18 Jan 2024 04:53:39 GMT
imageprocessedby
ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag
"0x8DC17E170416E07"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
x-azure-ref
0LBq2ZQAAAAAj1TxDjvEBTqvjq/voizNKWVRPMjIxMDkwODE5MDMzADRhOGYwODIyLWIwMmMtNDQxZi04YTE1LTcyNWVmZjlmZDljYg==
access-control-expose-headers
Request-Context
cache-control
public, immutable, max-age=604800
expires
Fri, 02 Feb 2024 03:45:53 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1706433068082&se=e30&duid=8dc65b4b215e--01hn7ncehvqw16mxe610gp83hw&pu=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&wpn=prebid
  • https://rp4.liadm.com/j?se=e30&duid=8dc65b4b215e--01hn7ncehvqw16mxe610gp83hw&dtstmp=1706433068082&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails...
13 B
318 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?se=e30&duid=8dc65b4b215e--01hn7ncehvqw16mxe610gp83hw&dtstmp=1706433068082&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjo0
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Server
44.218.235.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-235-8.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:09 GMT
x-pixel-event-id
34330dde-693b-4e45-9062-83e31800254d
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?se=e30&duid=8dc65b4b215e--01hn7ncehvqw16mxe610gp83hw&dtstmp=1706433068082&n3pc=true&wpn=prebid&pu=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&i6=MjAwMTo0OTU4OjE0MjA6MTUxOjo0
access-control-allow-origin
https://sitchu.com.au
date
Sun, 28 Jan 2024 09:11:08 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
modules.0c2aac1b2d1ba79f2a01.js
script.hotjar.com/ 		219 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-446291.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-128.yul62.r.cloudfront.net
Software
/
Resource Hash
8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 15:40:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 b6e7d60d529540ac03c94ffa742017e4.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C1
age
322262
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55804
last-modified
Wed, 24 Jan 2024 15:39:41 GMT
etag
"252eda316b5dfe5750655c881f809a75"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
5KDgitYSeLnkoGbdS_UX29CrSa5klop0weq5MjKmtp6c1yRFQunBXA==
collect
www.google-analytics.com/j/ 		4 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=744596437&t=pageview&_s=1&dl=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&ul=en-us&de=UTF-8&dt=The%20Best%20Australian%20Pre-Mixed%20%26%20Canned%20Cocktails%20to%20Sip%20on%20Over%20Summer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=538988246&gjid=1297284482&cid=1049417713.1706433068&tid=UA-78490167-1&_gid=685600291.1706433068&_r=1&_slc=1&gtm=45He41o0n71WF79DLv72267824&gcd=11l1l1l1l1&dma=0&z=11873914
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
195830720844844
connect.facebook.net/signals/config/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/195830720844844?v=2.9.143&r=stable&domain=sitchu.com.au&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79ab008ce8a2bc168eb11ece8d16e98847ff18b4308870a9c67dda2562f464a8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 28 Jan 2024 09:11:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
6py/AFhwLz2LPovoa9bQNV5awb7dmx5jA/lnq5lKR4P5KibIAHPAD3Lngi4jpN0Mz9rmmaRP0zyXtxPIHeUy1w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1046712
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0368747e7f0178522953237eac8d3ddb7b0bf6603197175f87d8f550dacc8d

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDFQW%2BntfCXqvmBztdRBGI2a%2BPeUxKBkC0hiEUcpUiZr4auNYyXOEQc1KLLyKNq5Oit9Av5cfFlA1XvyxUu1qYV%2BrbIspewwuKOSx1LLfk4sWxQeuxnhT%2FJPUQzeu1j%2BZQJT59G0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
84c81b37a9313739-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
703 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:08 GMT
an-x-request-uuid
67584de4-e381-4420-9ace-a355dbf13d7e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sitchu.com.au
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
166.0.205.4; 166.0.205.4; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e7c535909ce3e6ac5c1728cce25a9c1de1c28bbd8e505ae71b74db66e3a9d841

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 28 Jan 2024 09:11:08 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://sitchu.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/ 		23 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17664&site_id=509730&zone_id=3082178%3B3082180%3B3082182%3B3082184%3B3082186%3B3082188%3B3082190%3B3082182&size_id=2%3B15%3B15%3B15%3B15%3B2%3B2%3B15&alt_size_ids=%3B10%3B%3B%3B%3B%3B%3B&eid_pubcid.org=e035d14a-d99b-4ce2-b948-580c2377065c%5E1&rf=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&tg_i.domain=sitchu.com.au&tg_i.page=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&tg_i.aupname=%2F21735218764%2Farticles.TopLB%3B%2F21735218764%2Farticles.POS1%3B%2F21735218764%2Farticles.POS2%3B%2F21735218764%2Farticles.MobPOS1%3B%2F21735218764%2Farticles.MobPOS2%3B%2F21735218764%2Farticles.POS3%3B%2F21735218764%2Farticles.POS4%3B%2F21735218764%2Farticles.POS2&tg_i.pbadslot=%2F21735218764%2Farticles.TopLB%3B%2F21735218764%2Farticles.POS1%3B%2F21735218764%2Farticles.POS2%23div-gpt-ad-ArticlesPOS2%3B%2F21735218764%2Farticles.MobPOS1%3B%2F21735218764%2Farticles.MobPOS2%3B%2F21735218764%2Farticles.POS3%3B%2F21735218764%2Farticles.POS4%3B%2F21735218764%2Farticles.POS2%23div-gpt-ad-ArticlesMob&tk_flint=dmpbjs_v8.23.0&x_source.tid=f586d07f-7122-4fb6-a8d0-6beff900f8fb&l_pb_bid_id=295aed16b327d98%3B3008c21cb55fa8f%3B3137dddccbe5ffb%3B324a5630ea93de2%3B33ae7bb9a7e0d6a%3B34e7bd940720dee%3B35e2b6a156e1505%3B36d519dfa025d09&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a589a9fa-e09f-497f-a123-f2fb97db6804%3Be9500c8b-6ed6-4c3e-a323-1ad1bbab5a35%3B842e94c7-0144-4f3c-892d-c25a0899916b%3Bcd71af3d-677c-42f7-a76e-3356484ae0a4%3B70f4eb61-6657-4851-ab20-f9c5ba657d7b%3B3d8b4ac6-80a5-4c7d-b991-109e86b418c5%3B222a3ae8-571c-4ffd-9f7a-c3e8a72d179e%3B6eae0f57-60c3-402c-867c-f7b68fef117a&rp_maxbids=1&p_gpid=%2F21735218764%2Farticles.TopLB%3B%2F21735218764%2Farticles.POS1%3B%2F21735218764%2Farticles.POS2%23div-gpt-ad-ArticlesPOS2%3B%2F21735218764%2Farticles.MobPOS1%3B%2F21735218764%2Farticles.MobPOS2%3B%2F21735218764%2Farticles.POS3%3B%2F21735218764%2Farticles.POS4%3B%2F21735218764%2Farticles.POS2%23div-gpt-ad-ArticlesMob&slots=8&rand=0.6347479327448342
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6c63f712003edea05c69ddf2f9e469caed45882c33ebd1a154c712d0d15306c8

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:09 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=94929040187&lsavail=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://sitchu.com.au
date
Sun, 28 Jan 2024 09:11:07 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
21735218764
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/21735218764?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3fa715a02d084b01f65b26cf38ec6bba93102a4831987d203295ffe38a788ec
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9-tBLwDqkaAw77CvXeJmSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9-tBLwDqkaAw77CvXeJmSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smga8vmSSAWAuI30m-YvoGxDt8PFjehE9n5YuYznq6YDrrZSBmqwDygTiubjprARDzrZvOarh-OuuWM9NZ9wBxzPPprClAvJh1ButqIJ4SOIN1DhC3RM9gnQbETukzWEOA-HPmDNbfQFx2-xxrHRAL8XCs2XJjLZvAi3Nv1zADAK_cXRw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-78490167-1&cid=1049417713.1706433068&jid=538988246&gjid=1297284482&_gid=685600291.1706433068&_u=YADAAAAAAAAAAC~&z=1466418803
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 28 Jan 2024 09:11:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=195830720844844&ev=PageView&dl=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&rl=&if=false&ts=1706433068536&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.2.1706433068533.1827958583&cs_est=true&ler=empty&cdl=API_unavailable&it=1706433068319&coo=false&exp=d1&rqm=GET
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 28 Jan 2024 09:11:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
446291
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/446291?s=0.25&r=0.0418274774889178
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0c2aac1b2d1ba79f2a01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.195.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-69.yul62.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:09 GMT
via
1.1 0ff11d01f4414a1e45550bed248de108.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
YUL62-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
N3EhTmHfqR6G64jyCPsr5O7a63N0vq5NCQfigSWjWeM_LHoV47M3rA==
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-78490167-1&cid=1049417713.1706433068&jid=538988246&_u=YADAAAAAAAAAAC~&z=376231449
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-78490167-1&cid=1049417713.1706433068&jid=538988246&_u=YADAAAAAAAAAAC~&z=376231449
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
log.pinterest.com/ 		0
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=9T0ZdRGXKHCf&tv=2021110201&event=init&sub=www&button_count=19&follow_count=0&pin_count=0&custom_local=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&viaSrc=canonical
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 28 Jan 2024 09:11:08 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
4
x-pinterest-rid
8616082937118961
content-length
0
x-served-by
cache-yyz4546-YYZ
pragma
no-cache
server
envoy
x-timer
S1706433069.891657,VS0,VE24
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
AGSKWxXfyGj4n9iSNzG1ekdjeIZ_BPPCmnVb_4LGFXRw-jd_NzC_Ah7vpWU9_C3ein22gz7DvR85aNS8uHCGo1IbwpBS462u6bZID4d4sDkDr6dvVjSJvtCXzybS8QnXfX6WB3HkWN-efA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXfyGj4n9iSNzG1ekdjeIZ_BPPCmnVb_4LGFXRw-jd_NzC_Ah7vpWU9_C3ein22gz7DvR85aNS8uHCGo1IbwpBS462u6bZID4d4sDkDr6dvVjSJvtCXzybS8QnXfX6WB3HkWN-efA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NDMzMDY5LDk0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3NpdGNodS5jb20uYXUvZW50ZXJ0YWluaW5nL2F1c3RyYWxpYW4tcHJlLW1peGVkLWNvY2t0YWlscyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzBbmq2zME3JMPFTDIqo5tO3kA2UA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
346f105886f8284a2307f7091610015f26348d7d286058ce967c01375847f5c8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2lXffYbOq6-s1xQaOQZBng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:09 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2lXffYbOq6-s1xQaOQZBng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KohxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJoGvL5kkgFgLiN9JvmL6BsQ7fDxY3oRPZ-WLmM56umA662UgZqsA8oE4rm46awEQ862bzmq4fjrrljPTWfcAcczz6awpQLyYdQbraiCeEjiDdQ4Qt0TPYJ0GxE7pM1hDgPhz5gzW30Bcdvscax0QC3FzrN1yYy2bwIzlSwIAmU9hDQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2822745632650962&correlator=2392509429378522&eid=44809527%2C31080255%2C31079240%2C31080709&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=21735218764%2Carticles.1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&cdm=sitchu.com.au&abxe=1&dt=1706433069107&adxs=0&adys=206&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsitchu.com.au&loc=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&vis=1&psz=1600x22867&msz=1600x0&fws=0&ohw=0&ga_vid=1049417713.1706433068&ga_sid=1706433068&ga_hid=744596437&ga_fc=true&dlt=1706433066317&idt=2008&cust_params=site%3Dsitchu%26city%3Dsydney%26URL%3Daustralian-pre-mixed-cocktails%26section%3Deat%2520drink%26subsection%3Dentertaining%26pagetype%3Darticle%26article%3DThe%2520Best%2520Australian%2520Pre-Mixed%2520%2526amp%253B%2520Canned%2520Cocktails%2520to%2520Sip%2520on%2520Over%2520Summer%26keyword%3Dcocktails%252Cdrinks%252Cdrink%252Centertaining&adks=108572345&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a933bc182f855ae9658a4d7ba6cdc8c242346f48119329d6f722a193894288ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12550
x-xss-protection
0
google-lineitem-id
6236042854
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138424345383
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0569 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:09 GMT
expires
Mon, 27 Jan 2025 09:11:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		509 KB
126 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2822745632650962&correlator=2824788580628346&eid=44809527%2C31080255%2C31079240%2C31080709&output=ldjh&gdfp_req=1&vrg=202401250101&ptt=17&impl=fifs&gdpr=0&iu_parts=21735218764%2Carticles.TopLB%2Carticles.POS1%2Carticles.POS2%2Carticles.MobPOS1%2Carticles.MobPOS2%2Carticles.POS3%2Carticles.POS4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F3&prev_iu_szs=728x90%7C970x90%2C300x600%7C300x250%2C300x250%2C300x250%2C300x250%2C728x90%2C728x90%2C300x250&ifi=3&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&cdm=sitchu.com.au&abxe=1&dt=1706433069193&adxs=436%2C1071%2C1071%2C-12245933%2C-12245933%2C261%2C261%2C-12245933&adys=226%2C555%2C3762%2C-12245933%2C-12245933%2C3613%2C6802%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C-1%7C-1%7C2%7C3%7C-1&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsitchu.com.au&loc=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&vis=1&psz=1600x-1%7C325x22160%7C325x22160%7C300x30%7C300x30%7C790x0%7C790x0%7C300x30&msz=1600x-1%7C299x2000%7C299x18750%7C0x0%7C0x0%7C790x0%7C790x0%7C0x0&fws=512%2C0%2C0%2C128%2C128%2C0%2C0%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1049417713.1706433068&ga_sid=1706433068&ga_hid=744596437&ga_fc=true&dlt=1706433066317&idt=2008&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.12%26hb_adid%3D446ee07003c0392%26hb_bidder%3Drubicon%7C%7C%7C%7C%7C%7C%7C&cust_params=site%3Dsitchu%26city%3Dsydney%26URL%3Daustralian-pre-mixed-cocktails%26section%3Deat%2520drink%26subsection%3Dentertaining%26pagetype%3Darticle%26article%3DThe%2520Best%2520Australian%2520Pre-Mixed%2520%2526amp%253B%2520Canned%2520Cocktails%2520to%2520Sip%2520on%2520Over%2520Summer%26keyword%3Dcocktails%252Cdrinks%252Cdrink%252Centertaining&adks=2381076105%2C3867015567%2C4267331308%2C1914801010%2C1779527948%2C292744230%2C3763666759%2C3507475809&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfe4be9ea91a5b4a8a17b46bffd3607dec62ef462cd582f384b7398f36947ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128828
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2,-2,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2,-2,-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVvUsiP4jkpHbHbOvT0Zoef5GTHPfYqm-RNwodI3WbaUvtohkZi-xIxTbT7V1CEeMWmrkCaIzwseqXqm0t6CzOqCndOONzUqsLzz3AWCVG_xEopOfoYhugRg7pkh3Kztdw3n_VzBQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVvUsiP4jkpHbHbOvT0Zoef5GTHPfYqm-RNwodI3WbaUvtohkZi-xIxTbT7V1CEeMWmrkCaIzwseqXqm0t6CzOqCndOONzUqsLzz3AWCVG_xEopOfoYhugRg7pkh3Kztdw3n_VzBQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NDMzMDY5LDI0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc2l0Y2h1LmNvbS5hdS9lbnRlcnRhaW5pbmcvYXVzdHJhbGlhbi1wcmUtbWl4ZWQtY29ja3RhaWxzIixudWxsLFtbOCwiWXRrdlV2cjBLaEkiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzBbmq2zME3JMPFTDIqo5tO3kA2UA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2451b3cd1f46d7596e57030f4c731c454c8bc80f1dd720c83b13fd8c04d747e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G9jb8mIyHYEN7xnbP6j9Fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-G9jb8mIyHYEN7xnbP6j9Fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smga8vmSSAWAuI30m-YvoGxDt8PFjehE9n5YuYznq6YDrrZSBmqwDygTiubjprARDzrZvOarh-OuuWM9NZ9wBxzPPprClAvJh1ButqIJ4SOIN1DhC3RM9gnQbETukzWEOA-HPmDNbfQFx2-xxrHRAL8XCs3XJjLZvAjCfd0xkBrV1cag"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7827 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfHsgPFRVlJjff5Co7rWUrRgg0wkYtdVw5dPottOlyWm4YkDiSkQAfWyyKfUHFgtPzmFX-Ua9GHB5b15v6IOfZMc8-w_Q9OGe5c5NsYVgTVV5u-G0F-NiqmsDy8S9tit4f-91o1RUuQR5Nxa2l7sMMao7SR-vjFrEXAJmjGOA4uX97tv8abGs4FjO6Gbd7_ZQu9GMiDo8hQXIbciuxY6ESSWp5V2Mp3CSsAWni_cRh1vzGwzA4UZX9eHTn8VEHuh43aA0kW-UFSplIwZNKxAAQQAwzGScTGnHpgMw_dX7JW1Vp0U6mjPI0Z7pwvMBUORuLL7P4pieJnjTHr4soFcE&sai=AMfl-YSUt438SZ4zcr847hKkfNBoeV_USkGc1QSTWM_9d7olHai1mtzTFLzvXCbt7ycu7yd96Hko7goJv2F3o8Bxa8srH90_A4YyDAXRhD-HvMmcsba5B6YSaBZE7iqPKJM&sig=Cg0ArKJSzJUCIUu_NmBjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tag
a.teads.tv/page/165166/ Frame 7827 		747 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/165166/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.85.54 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-85-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f893329df2f38b535023689dc8f6a9b5e6e906abaf1ebc723fe986360cc0013d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:09 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, no-store
access-control-allow-credentials
true
content-length
466
expires
0
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7827 		205 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 08:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
1073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63000
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:53:16 GMT
truncated
/ Frame 7827 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
589f17b5843d8c636990b9e4b668ef49a62056bc5f4439174906ca2424ccdd09

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
teads-format.min.js
a.teads.tv/media/format/v3/ 		584 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/165166/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.85.54 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-85-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b08c7eb7ffd69d0f8be6530e551e116ec28be986094324bbc977d8ca81c19f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:09 GMT
content-encoding
br
last-modified
Thu, 25 Jan 2024 11:19:39 GMT
x-amz-request-id
FJ5X0DY54PGNTVYT
etag
"740675d5eaa9b2e7916ff7834fa899a8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
0
accept-ranges
bytes
content-length
136261
x-amz-id-2
mbhzPQSZF4Mpt2GftQ/cJ0/PWbFnFodlZAOG0PsQwJw/vFyXoucTrIsM6+sY3hEJTcV3FOcl9yU=
expires
Sun, 28 Jan 2024 09:41:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7827 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMdwPRv_GaTCqcVNsCuhdSp5jir5SqoVyHsPbz6DVV3nD6Sbb-zaXkiRWetNFViM4fsXhaz8myScTRFSeJjFuUsXV-e7tAHyaPnZJUkFcWpQTmWPf5FFZuFfe0QtzHDdFqiOJXq8kdUkXztNDfGiULWvK1VKNTrMdbighlFlmXF27UdMC-6DQ4mdZgXH0Px4uZx9SaWdrWMLLn8pMegW6fCnUhtlmBS-1CGp-ogRMAkaFT9gS4e9g14rz3RQQIbYil8OaVHiauWEFDrfDEOFgOgyId1efthaZN1gxf9F5cPwnvwz4hNqUV346DiSosJzblLprqPSre_jxtLodb9agpGA&sai=AMfl-YRUGd3bpZldTmQOUhI4Z9jNHBfn-aJCWuGimbSd8QYWSbcdr10i48Gyxp6a8uv-x6Y8i7THsDgkNRdQ_xiZSdmjH95AWqo3HsaK0rYc7A2gciaTAJ7S7F2QoFsrfE4&sig=Cg0ArKJSzHrQQe4rZWxhEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 28 Jan 2024 09:11:10 GMT
container.html
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1761 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
expires
Mon, 27 Jan 2025 09:11:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A94B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
expires
Mon, 27 Jan 2025 09:11:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7872 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
expires
Mon, 27 Jan 2025 09:11:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 207D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
expires
Mon, 27 Jan 2025 09:11:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 96CF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401250101/pubads_impl.js?cb=31080709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
expires
Mon, 27 Jan 2025 09:11:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
frame_ads_
fundingchoicesmessages.google.com/f/AGSKWxX8jrzWQyCFr8nRAZLHOAvtxQr_TG1f5chbjMH0WeZnOeuSN0Z0r6_u14Ve1Ftz6Xuo9AtKDijwa16Mx9TbHXeqrebmjOpyn8rrNjhOdfd49-avAAS4gAB5A-T-oiVKq2RBp4gg0y0odGBEPJzgIQ_FeGSmk... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX8jrzWQyCFr8nRAZLHOAvtxQr_TG1f5chbjMH0WeZnOeuSN0Z0r6_u14Ve1Ftz6Xuo9AtKDijwa16Mx9TbHXeqrebmjOpyn8rrNjhOdfd49-avAAS4gAB5A-T-oiVKq2RBp4gg0y0odGBEPJzgIQ_FeGSmkM1JiyFygskdbBCFxByLekVttCB5TA1l/_-ads-530x85./advert6./downads./ads88./frame_ads_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxPEIo90jKXuFkWlMpFtfc2vWS8gA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8acdb8f5013444fc75a7f5138c7e1c35d12dbc6b45aad3ca144b94cf36588d13
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OsxMTRMLUJD65ttSA9J4bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-OsxMTRMLUJD65ttSA9J4bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smga8vmSSAWAuI30m-YvoGxDt8PFjehE9n5YuYznq6YDrrZSBmqwDygTiubjprARDzrZvOarh-OuuWM9NZ9wBxzPPprClAvJh1ButqIJ4SOIN1DhC3RM9gnQbETukzWEOA-HPmDNbfQFx2-xxrHRALcXOs23JjLZvAjN6jVgBRrVvx"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxPEIo90jKXuFkWlMpFtfc2vWS8gA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:48:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
69787
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 13:48:03 GMT
AGSKWxUsmDvnvfskVG94M12S_nLY3xedjR-j8pwo3pHzK17qa37V1WziwakljKWqiB1_Z90026i_VgXUUNXKvIP5fX1vkvOS0fBXQjjZdGvMSa0GsWTa8DS5swz1PD_I_acIX_2qmx0Ycw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUsmDvnvfskVG94M12S_nLY3xedjR-j8pwo3pHzK17qa37V1WziwakljKWqiB1_Z90026i_VgXUUNXKvIP5fX1vkvOS0fBXQjjZdGvMSa0GsWTa8DS5swz1PD_I_acIX_2qmx0Ycw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzBbmq2zME3JMPFTDIqo5tO3kA2UA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2TolbQF2xtvXDKPhgwn5Pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-2TolbQF2xtvXDKPhgwn5Pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY92WG2vZBFZcutHKBADwHCCe"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sitchu.com.au
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 69F5 		645 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEYlL3qwgEwAQ&v=APEucNVp4-xSfVaSZfv6Be1CTX5HE05QGjHWo17e1YHn556yiFWRN0Xmpfmmr9Q6qim4Dez1qWhBU8m0CyMY0Ew_C0SgTAmzBR1QmcLFFuUYTY-dQ6k-zkg
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1761 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 22:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jan 2024 22:42:46 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 1761 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
70708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 13:32:42 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 1761 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
70096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 13:42:54 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1761 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:53:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
227849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:53:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1761 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
55938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:38:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 20CE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
71013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:27:37 GMT
etag
48472445140208031
expires
Sun, 28 Jan 2024 13:27:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1761 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
55506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:46:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1761 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C5Kd7ZJC5TPFxAyEhjGf1v8VKoRiQiPjS8WZEC_VkSjRFesvKy37vF7je-vvt-BWG_5wZVGNFnetiVDG6xZAz9ZXfY3ojE4-P0wPT86zcCo8axkWU
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 1761 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdYDX4bWT58rBAtRwfFecaLCjFk8IbuDjSnAJYgPFMWJF03a3m73p5V4WuvZHvEZFDWkv4qbURZHVFz__pU5wCsIPiiQ
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1761 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:11:10 GMT
track
t.teads.tv/ 		23 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=0c2c4c31-0338-4330-8019-69fe1c2cf2bb&pageId=165166&pid=179930&debug_metadata=l0XQwF07hu&fv=1320&ts=1706433070178&f=1&referer=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.137.62 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-137-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=0c2c4c31-0338-4330-8019-69fe1c2cf2bb&pageId=165166&pid=179930&slot=polymorph&fv=1320&ts=1706433070186&f=1&referer=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.84.137.62 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-84-137-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 28 Jan 2024 09:11:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1B5B 		668 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEY5b3qwgEwAQ&v=APEucNXKtKx_Bxp54Cs_xd-imlTNFtA3yn8_f2KRIxRkFqHKUK-5pmawmhDu3iGruMDI0RSVcRNlIsBJhTH4LvERDvC8pvTJ4tVc2zw3WdDgiIr33nHUxxs
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
246
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame A94B 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 22:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jan 2024 22:42:46 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame A94B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
70708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 13:32:42 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame A94B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
70096
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 13:42:54 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A94B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:53:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
227849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:53:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame A94B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
55938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:38:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4318 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
71013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:27:37 GMT
etag
48472445140208031
expires
Sun, 28 Jan 2024 13:27:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame A94B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
55506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:46:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A94B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BeqMx8JikL8OuMom_kqftNcrbcPMkTwjW3idvmBsxogt8zW1-icOJ6XVAoDBlmdy3ADOhfFu2aScEAoX042LRIjYwRLbMeOMFXmFFLuccNztwZdsk
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame A94B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2Hk6VAnWOiDzHC1wZ86Ru1IXc6C43VwsTE8bPMAbTQCPzB-VuvBi8ImPgc-y9lzJ3U0yG0XcYYa8reOil6Kqb9S13zQ
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A94B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:11:10 GMT
ad
a.teads.tv/page/165166/ 		485 B
923 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/165166/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fsitchu.com.au%2Fentertaining%2Faustralian-pre-mixed-cocktails&auctid=0c2c4c31-0338-4330-8019-69fe1c2cf2bb&autoplay=true&formatVersion=1320&env=js-web&netBw=10&ttfb=2696
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.85.54 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-85-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
455bc018a3976969625a41951ddaf748bdabd8c08197a7dbd8e55e775faa7ac6

Request headers

Accept
application/json; charset=UTF-8
Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sitchu.com.au
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
352
expires
Sun, 28 Jan 2024 09:11:10 GMT
css
fonts.googleapis.com/ Frame 7872 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 28 Jan 2024 07:41:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Jan 2024 09:11:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7872 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 22:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
37699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 22:42:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 7872 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
55506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:46:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7872 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
55938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:38:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F628 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
71013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:27:37 GMT
etag
48472445140208031
expires
Sun, 28 Jan 2024 13:27:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7872 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
55506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:46:04 GMT
l
www.google.com/ads/measurement/ Frame 7872 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFgaEeBK0fEc3cUPX9PwUCt0gaU-OTuJFQd5_XJbgMzzgfsI5GaK0VhUiTG2WCVC5omVRkM0wjE1p4cQHadGdabG1V6g
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7872 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:11:10 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame 7872 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 10:19:49 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/16315933169444343767/ Frame 7872 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16315933169444343767/2076313506083323656
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abca060232f144f04c4e4d3546e2fc8c79cc2ba0e0ee64d28717b620e1404589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sun, 28 Jan 2024 09:11:10 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61357
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 00:03:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 27 Jan 2025 09:11:10 GMT
truncated
/ Frame 7872 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd3b05151a16ad486f5d69bf946694e2a1f7f4dea72ce9088a5144d6c922d9d2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
rum
dsum-sec.casalemedia.com/ Frame 69F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtoxf3Ex02jk5qvx820PdI&google_cver=1&gdpr=0
43 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtoxf3Ex02jk5qvx820PdI&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEYlL3qwgEwAQ&v=APEucNVp4-xSfVaSZfv6Be1CTX5HE05QGjHWo17e1YHn556yiFWRN0Xmpfmmr9Q6qim4Dez1qWhBU8m0CyMY0Ew_C0SgTAmzBR1QmcLFFuUYTY-dQ6k-zkg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGo9aI%2FncLQsPtyQI%2FafJsjjhTweycMXjMThR%2BlWrcYhulqeP%2Bze44R4HsYZz0pePzvQqkzmc4kJ%2BP54SDCEB7yfZ8ki4Ol2001fY3gcnWf7RZe4CvC%2B%2FuqvizElFDyx%2Fli%2FGZoyADbFSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84c81b44184236a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtoxf3Ex02jk5qvx820PdI&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 69F5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbYaLh13AuqwcNNuFe-BUgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtoxf3Ex02jk5qvx820PdI&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtoxf3Ex02jk5qvx820PdI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEYlL3qwgEwAQ&v=APEucNVp4-xSfVaSZfv6Be1CTX5HE05QGjHWo17e1YHn556yiFWRN0Xmpfmmr9Q6qim4Dez1qWhBU8m0CyMY0Ew_C0SgTAmzBR1QmcLFFuUYTY-dQ6k-zkg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJslYvHcTjwtLyuT2xWwxRJzwOHUgNdjiWJmlVoUgRxX74G7hDvA4mxIQHIHBB4KeYNrmm1sJ5bu7n8F%2BdrgY534oC6WXx%2F3%2FIJf4kzKfM%2FeDSqXslGnDzHJEunHWGhGmDyhWl1RmJ5M%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84c81b44586236a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJtoxf3Ex02jk5qvx820PdI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 69F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBKxvqg6LsRmIAN2mvGOl7g&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBKxvqg6LsRmIAN2mvGOl7g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEYlL3qwgEwAQ&v=APEucNVp4-xSfVaSZfv6Be1CTX5HE05QGjHWo17e1YHn556yiFWRN0Xmpfmmr9Q6qim4Dez1qWhBU8m0CyMY0Ew_C0SgTAmzBR1QmcLFFuUYTY-dQ6k-zkg
Protocol
H2
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
an-x-request-uuid
bf759742-ad48-47a8-bde2-f9f47e6477b5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEBKxvqg6LsRmIAN2mvGOl7g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69F5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEYlL3qwgEwAQ&v=APEucNVp4-xSfVaSZfv6Be1CTX5HE05QGjHWo17e1YHn556yiFWRN0Xmpfmmr9Q6qim4Dez1qWhBU8m0CyMY0Ew_C0SgTAmzBR1QmcLFFuUYTY-dQ6k-zkg
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
an-x-request-uuid
62d219b9-bc70-4244-93d2-cc872123ab8f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D
x-proxy-origin
166.0.205.4; 166.0.205.4; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 207D 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 28 Jan 2024 07:40:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Jan 2024 09:11:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 207D 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 22:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
37699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 22:42:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 207D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
55506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:46:04 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 45BB 		143 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
1942
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 08:38:48 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 207D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
55938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:38:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 35F2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
71013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:27:37 GMT
etag
48472445140208031
expires
Sun, 28 Jan 2024 13:27:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 207D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
55506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:46:04 GMT
l
www.google.com/ads/measurement/ Frame 207D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaROVdOdXFLWVDY8w11dYyxMY2NKhBC-0boRMsUUHJVHm-3E6AbvF3MpVfxZ8RuNdYXVKckL5gWIORSgFWrueEuhhPqQrg
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 207D 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:11:10 GMT
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame 207D 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 10:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 10:19:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5737 		503 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYjNiktgEwAQ&v=APEucNVRzsQySvC6F0KvOaPjkanu7XKInoG-0KneqU_HuooRCEw_CV7gp3eynUBTCGsl321KDK3l9H5mCsE6cccsGYKGKnzCzv90vt6FkcGhKm7Nv06WHcY
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
198
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 96CF 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:11:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96CF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9DdO11mR91waTcO-OdSGBobFLk4KfILRzNScomRQzS00ynIpnQR0lIfV7Tm9jSZLWyYwNp6AVhevWgNKYRFmcZm0kAF7uTRHr4-WQ28PLXZ4bAiY
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 96CF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:38:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
55938
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:38:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 96CF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
55506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 17:46:04 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 96CF 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:11:10 GMT
truncated
/ Frame 207D 		161 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
AGSKWxUsmDvnvfskVG94M12S_nLY3xedjR-j8pwo3pHzK17qa37V1WziwakljKWqiB1_Z90026i_VgXUUNXKvIP5fX1vkvOS0fBXQjjZdGvMSa0GsWTa8DS5swz1PD_I_acIX_2qmx0Ycw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUsmDvnvfskVG94M12S_nLY3xedjR-j8pwo3pHzK17qa37V1WziwakljKWqiB1_Z90026i_VgXUUNXKvIP5fX1vkvOS0fBXQjjZdGvMSa0GsWTa8DS5swz1PD_I_acIX_2qmx0Ycw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzBbmq2zME3JMPFTDIqo5tO3kA2UA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KSA6vfG3MsEaPrB4DZxnaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-KSA6vfG3MsEaPrB4DZxnaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY92WG2vZBE4sv9bABADq0iB7"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sitchu.com.au
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUsmDvnvfskVG94M12S_nLY3xedjR-j8pwo3pHzK17qa37V1WziwakljKWqiB1_Z90026i_VgXUUNXKvIP5fX1vkvOS0fBXQjjZdGvMSa0GsWTa8DS5swz1PD_I_acIX_2qmx0Ycw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUsmDvnvfskVG94M12S_nLY3xedjR-j8pwo3pHzK17qa37V1WziwakljKWqiB1_Z90026i_VgXUUNXKvIP5fX1vkvOS0fBXQjjZdGvMSa0GsWTa8DS5swz1PD_I_acIX_2qmx0Ycw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzBbmq2zME3JMPFTDIqo5tO3kA2UA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tmk4ohqqwlrxNGlyV8Nqug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-tmk4ohqqwlrxNGlyV8Nqug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY92WG2vZBG7cPd_KBADxHSDQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://sitchu.com.au
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUsmDvnvfskVG94M12S_nLY3xedjR-j8pwo3pHzK17qa37V1WziwakljKWqiB1_Z90026i_VgXUUNXKvIP5fX1vkvOS0fBXQjjZdGvMSa0GsWTa8DS5swz1PD_I_acIX_2qmx0Ycw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUsmDvnvfskVG94M12S_nLY3xedjR-j8pwo3pHzK17qa37V1WziwakljKWqiB1_Z90026i_VgXUUNXKvIP5fX1vkvOS0fBXQjjZdGvMSa0GsWTa8DS5swz1PD_I_acIX_2qmx0Ycw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzBbmq2zME3JMPFTDIqo5tO3kA2UA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PiXdnXTKP_Lo0VFYXD_MVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PiXdnXTKP_Lo0VFYXD_MVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY92WG2vZBHY0PW5lAgDqHyBY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sitchu.com.au
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVVlsI6WN1gAWhH7U6cNxugyY0ZAs44CJwNA1n0lrm4Oa_A4OadKRG3QLWsWbkNg7X6c_4BzfYpHHcO3yduQ8FlfusZ5JeAqzW81yOfnDlsPfzbcUy8iYQpPFDpcbyea9un5qgR-g==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVVlsI6WN1gAWhH7U6cNxugyY0ZAs44CJwNA1n0lrm4Oa_A4OadKRG3QLWsWbkNg7X6c_4BzfYpHHcO3yduQ8FlfusZ5JeAqzW81yOfnDlsPfzbcUy8iYQpPFDpcbyea9un5qgR-g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NDMzMDcwLDMxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zaXRjaHUuY29tLmF1L2VudGVydGFpbmluZy9hdXN0cmFsaWFuLXByZS1taXhlZC1jb2NrdGFpbHMiLG51bGwsW1s4LCJZdGt2VXZyMEtoSSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzBbmq2zME3JMPFTDIqo5tO3kA2UA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee0d4cf5856eacfa3afbf61f98294d6becb3ee6a3cf5a9fb91fc260a5d84c5ce
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-s3ZP6Rx142aHd-kr0-P0nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-s3ZP6Rx142aHd-kr0-P0nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smga8vmSSAWAuI30m-YvoGxDt8PFjehE9n5YuYznq6YDrrZSBmqwDygTiubjprARDzrZvOarh-OuuWM9NZ9wBxzPPprClAvJh1ButqIJ4SOIN1DhC3RM9gnQbETukzWEOA-HPmDNbfQFx2-xxrHRAL8XCs23JjLZvAgh3TdzACALTMXH0"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 20CE
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFhI3aUwOVJZhhNECOOYMS0&google_cver=1&google_push=AXcoOmQ_w4znCD4Rbfta9KDoRQgSG2aDCZbZDVihowqIym73m4RVC6haCev3OzCm142wqBaXwrVtq...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ_w4znCD4Rbfta9KDoRQgSG2aDCZbZDVihowqIym73m4RVC6haCev3OzCm142wqBaXwrVtqU5ZdpCzCV-b-edYXSzs8VW5
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ_w4znCD4Rbfta9KDoRQgSG2aDCZbZDVihowqIym73m4RVC6haCev3OzCm142wqBaXwrVtqU5ZdpCzCV-b-edYXSzs8VW5
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Jan 2024 09:11:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9B698E0DB4E647C587E636647F290B11 Ref B: YTO01EDGE0409 Ref C: 2024-01-28T09:11:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ_w4znCD4Rbfta9KDoRQgSG2aDCZbZDVihowqIym73m4RVC6haCev3OzCm142wqBaXwrVtqU5ZdpCzCV-b-edYXSzs8VW5
x-li-proto
http/2
content-length
0
x-li-uuid
AAYP/ekD4SOTGVYZm+xeNA==
usersync.aspx
dis.criteo.com/dis/ Frame 20CE 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT7jTJh4ZTaMs8J2YQjaKIvLDH7gALC-TbkJrXXekzQgWeEuzPLk6yVdmfPHvteDUrJtDaBQLE5tsRmDiUEAmKDPXTixJdi&google_gid=CAESENi14ul1Gc6c2NlYCx3HUOQ&google_cver=1
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
212839
expires
Sun, 28 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 20CE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE_o9Q6xMOUqtN76cZNo2Og&google_cver=1&google_push=AXcoOmSj1Of1MyZrLoe6q3QsQ4nAmsRsC5x9u_bBZ_PH8LVBHKZlp20VA3J9sHuJ_1jf63DxnT5toGiQuy_-a-4...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=eWKhpx5YUWtHALyFbQLb_aYAzQQ&google_push=AXcoOmSj1Of1MyZrLoe6q3QsQ4nAmsRsC5x9u_bBZ_PH8LVBHKZlp20VA3J9sHuJ_1jf63DxnT5toGiQuy_-a-...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=eWKhpx5YUWtHALyFbQLb_aYAzQQ&google_push=AXcoOmSj1Of1MyZrLoe6q3QsQ4nAmsRsC5x9u_bBZ_PH8LVBHKZlp20VA3J9sHuJ_1jf63DxnT5toGiQuy_-a-4etG14I9YoWapS
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=eWKhpx5YUWtHALyFbQLb_aYAzQQ&google_push=AXcoOmSj1Of1MyZrLoe6q3QsQ4nAmsRsC5x9u_bBZ_PH8LVBHKZlp20VA3J9sHuJ_1jf63DxnT5toGiQuy_-a-4etG14I9YoWapS
Date
Sun, 28 Jan 2024 09:11:10 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 20CE
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMiJv2xIjGXnBWHEAhC6meQ&google_cver=1&google_push=AXcoOmT4yQyW69E9pwQjvi5ZU3FinzLr2DSrc_NSrUGGoshJogJ-oAGjxCC7uQVsDFkCdVpXXQ8iPnXHX2X9yRP9JuSJBsN38hBu
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT4yQyW69E9pwQjvi5ZU3FinzLr2DSrc_NSrUGGoshJogJ-oAGjxCC7uQVsDFkCdVpXXQ8iPnXHX2X9yRP9JuSJBsN38hBu&google_hm=VkVBUG9ISGJiUEhsUURX...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT4yQyW69E9pwQjvi5ZU3FinzLr2DSrc_NSrUGGoshJogJ-oAGjxCC7uQVsDFkCdVpXXQ8iPnXHX2X9yRP9JuSJBsN38hBu&google_hm=VkVBUG9ISGJiUEhsUURXSThha1o=
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT4yQyW69E9pwQjvi5ZU3FinzLr2DSrc_NSrUGGoshJogJ-oAGjxCC7uQVsDFkCdVpXXQ8iPnXHX2X9yRP9JuSJBsN38hBu&google_hm=VkVBUG9ISGJiUEhsUURXSThha1o=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 20CE
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEBf_Fr0Gg6KyPZRBBDvAPIk&google_cver=1&google_push=AXcoOmSgT8VGOTnUVb6ylqXcskd7x6JRBWNaEixbH1Yz7iTDUPYw3m7x9LBuwIXAFu_nI5Q8_FKEbVcB...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEBf_Fr0Gg6KyPZRBBDvAPIk%26google_cver%3D1%26google_push%3DAXcoOmSgT8VGOTnUVb6ylq...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A376228467116696185&exchange=193&google_gid=CAESEBf_Fr0Gg6KyPZRBBDvAPIk&google_cver=1&google_push=AXcoOmSgT8VGOTnUVb6ylqXcskd7x6JRBWNaEixbH1Yz7iTDUPYw3...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTM3NjIyODQ2NzExNjY5NjE4NQ&google_push=AXcoOmSgT8VGOTnUVb6ylqXcskd7x6JRBWNaEixbH1Yz7iTDUPYw3m7x9LBuwIXAFu_nI5Q8_FKEbVcB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTM3NjIyODQ2NzExNjY5NjE4NQ&google_push=AXcoOmSgT8VGOTnUVb6ylqXcskd7x6JRBWNaEixbH1Yz7iTDUPYw3m7x9LBuwIXAFu_nI5Q8_FKEbVcBBt_HLXfD5Nm2204PGbId_g
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTM3NjIyODQ2NzExNjY5NjE4NQ&google_push=AXcoOmSgT8VGOTnUVb6ylqXcskd7x6JRBWNaEixbH1Yz7iTDUPYw3m7x9LBuwIXAFu_nI5Q8_FKEbVcBBt_HLXfD5Nm2204PGbId_g
Date
Sun, 28 Jan 2024 09:11:11 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 20CE
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHswq4xdvw0b3bDZSwLmGMw&google_cver=1&google_push=AXcoOmTwVtsyLbyaAtZSRVx1n0IS9xx9WeIW142fD--6N2i6CKKb-VE-hrm8PaG_XLnsD5uxcdaIoQHu4Uj16kq7B...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBkMjRmOGMtYmU1MC00YjNkLTk4MGQtNDY5YTUwZjE3Zjc0&google_push=AXcoOmTwVtsyLbyaAtZSRVx1n0IS9xx9WeIW142fD--6N2i6CKKb-VE-hrm8PaG_...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBkMjRmOGMtYmU1MC00YjNkLTk4MGQtNDY5YTUwZjE3Zjc0&google_push=AXcoOmTwVtsyLbyaAtZSRVx1n0IS9xx9WeIW142fD--6N2i6CKKb-VE-hrm8PaG_XLnsD5uxcdaIoQHu4Uj16kq7BgbQkOqB5lFicg
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBkMjRmOGMtYmU1MC00YjNkLTk4MGQtNDY5YTUwZjE3Zjc0&google_push=AXcoOmTwVtsyLbyaAtZSRVx1n0IS9xx9WeIW142fD--6N2i6CKKb-VE-hrm8PaG_XLnsD5uxcdaIoQHu4Uj16kq7BgbQkOqB5lFicg
date
Sun, 28 Jan 2024 09:11:10 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 20CE
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEGu8m2QCuIT9vXNB8yiFKsE&google_cver=1&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-8c9ahX9ulB_qsWdj_9LprcNZKG8VrF4IITKQ8DvuQg&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIp...
  • https://cm.g.doubleclick.net/pixel?google_hm=RZ8k_Rt93xgwVMSCTsmN&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw&google_nid=inmob...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=RZ8k_Rt93xgwVMSCTsmN&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw&google_nid=inmobi_new_eb
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Jan 2024 09:11:11 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=RZ8k_Rt93xgwVMSCTsmN&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
227
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 20CE 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IW2KG7RqlT1DdxnVpxLzARajBiJQsffMALjTwJ2XUvxyHDGOz7CbdqKnxvYBPSyRo_SHmxz6hy
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame 1B5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1&gdpr=0
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEY5b3qwgEwAQ&v=APEucNXKtKx_Bxp54Cs_xd-imlTNFtA3yn8_f2KRIxRkFqHKUK-5pmawmhDu3iGruMDI0RSVcRNlIsBJhTH4LvERDvC8pvTJ4tVc2zw3WdDgiIr33nHUxxs
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1&gdpr=0
date
Sun, 28 Jan 2024 09:11:10 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 1B5B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEwYWQwMDctM2JhYS0yOWZiLWRmOTItMmYwY2I0MGUwZWM4
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEwYWQwMDctM2JhYS0yOWZiLWRmOTItMmYwY2I0MGUwZWM4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEY5b3qwgEwAQ&v=APEucNXKtKx_Bxp54Cs_xd-imlTNFtA3yn8_f2KRIxRkFqHKUK-5pmawmhDu3iGruMDI0RSVcRNlIsBJhTH4LvERDvC8pvTJ4tVc2zw3WdDgiIr33nHUxxs
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEwYWQwMDctM2JhYS0yOWZiLWRmOTItMmYwY2I0MGUwZWM4
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 1B5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEAFhrr4LS9uw5_J8H7MQEAI&google_cver=1&gdpr=0
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAFhrr4LS9uw5_J8H7MQEAI&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEY5b3qwgEwAQ&v=APEucNXKtKx_Bxp54Cs_xd-imlTNFtA3yn8_f2KRIxRkFqHKUK-5pmawmhDu3iGruMDI0RSVcRNlIsBJhTH4LvERDvC8pvTJ4tVc2zw3WdDgiIr33nHUxxs
Protocol
H2
Server
23.50.125.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-47.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 09:11:10 GMT
pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEAFhrr4LS9uw5_J8H7MQEAI&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1B5B
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjE4M2NhZmQtZDVkNC00MjBmLTlhOTktOGNlYTY3ZjVmOWRh
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjE4M2NhZmQtZDVkNC00MjBmLTlhOTktOGNlYTY3ZjVmOWRh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ_uHy8QEY5b3qwgEwAQ&v=APEucNXKtKx_Bxp54Cs_xd-imlTNFtA3yn8_f2KRIxRkFqHKUK-5pmawmhDu3iGruMDI0RSVcRNlIsBJhTH4LvERDvC8pvTJ4tVc2zw3WdDgiIr33nHUxxs
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
pekko-http/1.0.0
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjE4M2NhZmQtZDVkNC00MjBmLTlhOTktOGNlYTY3ZjVmOWRh
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 28 Jan 2024 09:11:10 GMT
pixel
cm.g.doubleclick.net/ Frame 4318
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFhI3aUwOVJZhhNECOOYMS0&google_cver=1&google_push=AXcoOmQGz9Tk1UIXw1Ywgct1jHxGjLDgnRn3Zk8Z11nDUU3E8w2v_B6cHduQLULBxR9lxgAn_mnYw...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQGz9Tk1UIXw1Ywgct1jHxGjLDgnRn3Zk8Z11nDUU3E8w2v_B6cHduQLULBxR9lxgAn_mnYwBdUPPNOBNJy1n6M-lW9o0h9
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQGz9Tk1UIXw1Ywgct1jHxGjLDgnRn3Zk8Z11nDUU3E8w2v_B6cHduQLULBxR9lxgAn_mnYwBdUPPNOBNJy1n6M-lW9o0h9
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Jan 2024 09:11:09 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: ABA63D194F034477936709E6B67C9120 Ref B: YTO01EDGE0409 Ref C: 2024-01-28T09:11:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQGz9Tk1UIXw1Ywgct1jHxGjLDgnRn3Zk8Z11nDUU3E8w2v_B6cHduQLULBxR9lxgAn_mnYwBdUPPNOBNJy1n6M-lW9o0h9
x-li-proto
http/2
content-length
0
x-li-uuid
AAYP/ekDgVRrbk4AWb5URA==
pixel
cm.g.doubleclick.net/ Frame 4318
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGbO6a7-SHGzkBkQvrDhb90&google_cver=1&google_push=AXcoOmQgnExGI6-SEt42eZaIcyxKjQjLh90mHhi6pBgDwnGSewl6GAYROiGImFttKdKymIMVjn24PrA1-wtOGeLAdgREuBK...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQgnExGI6-SEt42eZaIcyxKjQjLh90mHhi6pBgDwnGSewl6GAYROiGImFttKdKymIMVjn24PrA1-wtOGeLAdgREuBKg6-O4&google_hm=eS1XV3NXb3dWRTJwSFpYX2...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQgnExGI6-SEt42eZaIcyxKjQjLh90mHhi6pBgDwnGSewl6GAYROiGImFttKdKymIMVjn24PrA1-wtOGeLAdgREuBKg6-O4&google_hm=eS1XV3NXb3dWRTJwSFpYX2hacURvQUpodUROeUw5SnJ2Tn5B
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Jan 2024 09:11:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQgnExGI6-SEt42eZaIcyxKjQjLh90mHhi6pBgDwnGSewl6GAYROiGImFttKdKymIMVjn24PrA1-wtOGeLAdgREuBKg6-O4&google_hm=eS1XV3NXb3dWRTJwSFpYX2hacURvQUpodUROeUw5SnJ2Tn5B
content-length
0
asr
aid.send.microad.jp/g/ Frame 4318 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEN99oDKp-iL0rXlBE5uJNpk&google_cver=1&google_push=AXcoOmQT25kcu3qzlpByJdB96uu7djXgANw3vUAJ4b_p2WIOE8KBCcuNRLKF-EE6ohrGQk9Ylx1rryt45ZbKNgwHRIliA4OSAiU
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 09:11:11 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 4318
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAO6QG2UWVrn7yplaR_jMTo&google_cver=1&google_push=AXcoOmTU2zyog8O8X8SWJcSnvvZOaZymsT72fy7t9Piwwath0veB0KWAo6vIOU4nD4XL-XNA-kjAeP42OnXt...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTU2zyog8O8X8SWJcSnvvZOaZymsT72fy7t9Piwwath0veB0KWAo6vIOU4nD4XL-XNA-kjAeP42OnXtpHLieREUxgZ4ObU
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTU2zyog8O8X8SWJcSnvvZOaZymsT72fy7t9Piwwath0veB0KWAo6vIOU4nD4XL-XNA-kjAeP42OnXtpHLieREUxgZ4ObU
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTU2zyog8O8X8SWJcSnvvZOaZymsT72fy7t9Piwwath0veB0KWAo6vIOU4nD4XL-XNA-kjAeP42OnXtpHLieREUxgZ4ObU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 4318
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOkg9R6Y8j3-Qcg4PXXSywI&google_cver=1&google_push=AXcoOmQz1Ey4AThsjnjHurX7BaLQx8s9z9avIoINo_i9uFBBsZ7-GWzJUnVeOG3LWVc6pz1G-ktcFb1gExUN2nUXBQhGSkG0Z1T5
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQz1Ey4AThsjnjHurX7BaLQx8s9z9avIoINo_i9uFBBsZ7-GWzJUnVeOG3LWVc6pz1G-ktcFb1gExUN2nUXBQhGSkG0Z1T...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODMxNzY3OTY5NDUzNDQxMjg4MzUy&google_push=AXcoOmQz1Ey4AThsjnjHurX7BaLQx8s9z9avIoINo_i9uFBBsZ7-GWzJUnVeOG3L...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODMxNzY3OTY5NDUzNDQxMjg4MzUy&google_push=AXcoOmQz1Ey4AThsjnjHurX7BaLQx8s9z9avIoINo_i9uFBBsZ7-GWzJUnVeOG3LWVc6pz1G-ktcFb1gExUN2nUXBQhGSkG0Z1T5
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODMxNzY3OTY5NDUzNDQxMjg4MzUy&google_push=AXcoOmQz1Ey4AThsjnjHurX7BaLQx8s9z9avIoINo_i9uFBBsZ7-GWzJUnVeOG3LWVc6pz1G-ktcFb1gExUN2nUXBQhGSkG0Z1T5
date
Sun, 28 Jan 2024 09:11:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 4318
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEMaGKzTBa_1EL4nU4Q1hkC8&google_cver=1&google_push=AXcoOmSGG93z40ExOX8oHwUlK9OTnAxgYU6sL4_IjoHS99x721eEKlSMw3vHDgL1QkKWJG_zuebk...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEMaGKzTBa_1EL4nU4Q1hkC8&google_cver=1&google_push=AXcoOmSGG93z40ExOX8oHwUlK9OTnAxgYU6sL4_IjoHS99x721eEKlSMw3vHDgL1QkKWJG...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=bkViL1MdRYC0dFhLw6Wzaw==&no_redirect=1&google_push=AXcoOmSGG93z40ExOX8oHwUlK9OTnAxgYU6sL4_IjoHS99x721eEKl...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=bkViL1MdRYC0dFhLw6Wzaw==&no_redirect=1&google_push=AXcoOmSGG93z40ExOX8oHwUlK9OTnAxgYU6sL4_IjoHS99x721eEKlSMw3vHDgL1QkKWJG_zuebkQNAKzgH9xvAmJTkB3zqrvx-J1w
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=bkViL1MdRYC0dFhLw6Wzaw==&no_redirect=1&google_push=AXcoOmSGG93z40ExOX8oHwUlK9OTnAxgYU6sL4_IjoHS99x721eEKlSMw3vHDgL1QkKWJG_zuebkQNAKzgH9xvAmJTkB3zqrvx-J1w
date
Sun, 28 Jan 2024 09:11:10 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4318
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ab95fcff-38e0-427e-baa4-4f6da99ecd63&google_cver=1&google_gid=CAESEL-8PAaHWofOJuafuiwdvpc&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ab95fcff-38e0-427e-baa4-4f6da99ecd63&google_cver=1&google_gid=CAESEL-8PAaHWofOJuafuiwdvpc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTeSOMOJlpzYrpW-Knu5vesUX4hS0bUPQ8ffRPF5iwmy1D4CeFWPaJHyU_8VmHfLUPVOzWWETeXItf-Hskoc0iZAkJHcFHdhA&gdpr=${GDPR}
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=ab95fcff-38e0-427e-baa4-4f6da99ecd63&google_cver=1&google_gid=CAESEL-8PAaHWofOJuafuiwdvpc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTeSOMOJlpzYrpW-Knu5vesUX4hS0bUPQ8ffRPF5iwmy1D4CeFWPaJHyU_8VmHfLUPVOzWWETeXItf-Hskoc0iZAkJHcFHdhA&gdpr=${GDPR}
date
Sun, 28 Jan 2024 09:11:11 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4318 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTS5zRUTLTBLTwi5NgpBwlWhn9ID-SnnrzYuywuEME2LFCkJhOAYJ6TUICsegxuQwweUhjGzs
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 29 Jan 2024 09:11:10 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F628 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEO8L1Cg8NsEBdWz_okdmSwY&google_cver=1&google_push=AXcoOmQKCACM8hM6sCa0uFlTCM2ifMHQnAn7hSWIyFhA7YO_C452oKNUrWUmT0vO3OWQE98DuqywZ8KXX64f8MG_tGFfFKf4ax0i
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
asr
aid.send.microad.jp/g/ Frame F628 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEN99oDKp-iL0rXlBE5uJNpk&google_cver=1&google_push=AXcoOmQu6GPP_lV4ACE2vZ_cxGA_jNNgmI0oCe2Y8Yo_5wtqMdrPtr96P2qpcl15JJvkS4XZ-me7-GvsXhhNgJoApcLf_XfvzK5P
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 09:11:11 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame F628
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFjlGn4PhLuSB6WEKi9fFCU&google_cver=1&google_push=AXcoOmRx5VKQ0AMe01OAG7djn3KvIT26-XKpvpI4Gs4RmqDds2W8aETBUU6tK_OA_r_fmarPvPHVtpMRD4dRI...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFjlGn4PhLuSB6WEKi9fFCU&google_push=AXcoOmRx5VKQ0AMe01OAG7djn3KvIT26-XKpvpI4Gs4RmqDds2W8aETBUU6tK_OA_r_fmarPvPHVtpMRD4dRI...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRx5VKQ0AMe01OAG7djn3KvIT26-XKpvpI4Gs4RmqDds2W8aETBUU6tK_OA_r_fmarPvPHVtpMRD4dRISi6JWNTtQHTX8V5&google_hm=N21LdmgwMWV0X3o4N3pL...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRx5VKQ0AMe01OAG7djn3KvIT26-XKpvpI4Gs4RmqDds2W8aETBUU6tK_OA_r_fmarPvPHVtpMRD4dRISi6JWNTtQHTX8V5&google_hm=N21LdmgwMWV0X3o4N3pLRHFRbE8=
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 09:11:10 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRx5VKQ0AMe01OAG7djn3KvIT26-XKpvpI4Gs4RmqDds2W8aETBUU6tK_OA_r_fmarPvPHVtpMRD4dRISi6JWNTtQHTX8V5&google_hm=N21LdmgwMWV0X3o4N3pLRHFRbE8=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F628
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEE_o9Q6xMOUqtN76cZNo2Og&google_cver=1&google_push=AXcoOmRiBgd7yXqk5gScznFcfEe5KvEEWeXnPHs2dCJv2CJHq49REcy95wAF4y4zPh8hXYjckAjYImQDvFAOoAZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=eWKhpx5YUWtHALyFbQLb_aYAzQQ&google_push=AXcoOmRiBgd7yXqk5gScznFcfEe5KvEEWeXnPHs2dCJv2CJHq49REcy95wAF4y4zPh8hXYjckAjYImQDvFAOoA...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=eWKhpx5YUWtHALyFbQLb_aYAzQQ&google_push=AXcoOmRiBgd7yXqk5gScznFcfEe5KvEEWeXnPHs2dCJv2CJHq49REcy95wAF4y4zPh8hXYjckAjYImQDvFAOoAZuJonQlYr7OcuJ
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=eWKhpx5YUWtHALyFbQLb_aYAzQQ&google_push=AXcoOmRiBgd7yXqk5gScznFcfEe5KvEEWeXnPHs2dCJv2CJHq49REcy95wAF4y4zPh8hXYjckAjYImQDvFAOoAZuJonQlYr7OcuJ
Date
Sun, 28 Jan 2024 09:11:10 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame F628
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE1RPgHfDTHsMRmUo52-9ms&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE1RPgHfDTHsMRmUo52-9ms&google_hm=ZbYaLh13AuqwcNNuFe_BUgAABV8AAAIB&google_nid=index&google_push=AXcoOmRMdASnCBrO9PprV4tX5vLxmGmHCEEkj...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE1RPgHfDTHsMRmUo52-9ms&google_hm=ZbYaLh13AuqwcNNuFe_BUgAABV8AAAIB&google_nid=index&google_push=AXcoOmRMdASnCBrO9PprV4tX5vLxmGmHCEEkjhIyAM1vgEfaCYCQ3HpHdD5xsrknzolWenLRgOPUeSkeIkqswKpYkxsepIa9sXuD
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQyBhT%2FWva7XDmsEtlyQlhUqf7kUgTsFKh5vJHqhy12J3gtFj7p9q4vhVQFiScZdQOsfNlt23%2FXMBpvcL797mHUs8LABNZN4dC%2FKlvqooJcW1eq%2BNv5eCqFhpL4Ha8AsFeIrZEBsuicwOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE1RPgHfDTHsMRmUo52-9ms&google_hm=ZbYaLh13AuqwcNNuFe_BUgAABV8AAAIB&google_nid=index&google_push=AXcoOmRMdASnCBrO9PprV4tX5vLxmGmHCEEkjhIyAM1vgEfaCYCQ3HpHdD5xsrknzolWenLRgOPUeSkeIkqswKpYkxsepIa9sXuD
cache-control
no-cache
cf-ray
84c81b424e1d3739-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame F628
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEGu8m2QCuIT9vXNB8yiFKsE&google_cver=1&google_push=AXcoOmTuRsQ2kPEcYEhoT_nda2CZgi4nFQ5dlYKNoZnsbiiIxKXg0GDrorx5mCB7Y2YjgrUvK1r1NyF7YLRqqVo6BSrzmPZxfLvglw
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTuRsQ2kPEcYEhoT_nda2CZgi4nFQ5dlYKNoZnsbiiI...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-8c9ahX9ulB_qsWdj_9LprcNZKG8VrF4IITKQ8DvuQg&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIp...
  • https://cm.g.doubleclick.net/pixel?google_hm=RZ8k_Rt93xgwVMSCTsmN&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw&google_nid=inmob...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=RZ8k_Rt93xgwVMSCTsmN&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw&google_nid=inmobi_new_eb
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Jan 2024 09:11:11 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=RZ8k_Rt93xgwVMSCTsmN&google_push=AXcoOmQPt7VBzKZPrY2wY5cZcN3xrMKXHqDk9xwe97qnN-C1IKVqttm_lH_qHrCM_fwwBrl4ufLdpRpU4kW0nXjdEzIpQgkuJRaHLw&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
227
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame F628
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKW7mrZPW8Ig4EyOsQ8FEm0&google_cver=1&google_push=AXcoOmRfMr9q-owOu4oGTSR6XUG6JjdEIwhPNVAGSFioQmP3FyWrXGfBAnPNURtQwdz...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRfMr9q-owOu4oGTSR6XUG6JjdEIwhPNVAGSFioQmP3FyWrXGfBAnPNURtQwdz_oRTKHyds2NqF-zx4mfbc5TSnI_4rISnw6g
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRfMr9q-owOu4oGTSR6XUG6JjdEIwhPNVAGSFioQmP3FyWrXGfBAnPNURtQwdz_oRTKHyds2NqF-zx4mfbc5TSnI_4rISnw6g
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
20cf837e
date
Sun, 28 Jan 2024 09:11:10 GMT
x-bytefaas-request-id
202401280911101748D6AFE5E8756275B6
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401280911101748D6AFE5E8756275B6-590C4464E73C2259-00
x-cache
TCP_MISS from a23-202-158-16.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401280911101748D6AFE5E8756275B6
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRfMr9q-owOu4oGTSR6XUG6JjdEIwhPNVAGSFioQmP3FyWrXGfBAnPNURtQwdz_oRTKHyds2NqF-zx4mfbc5TSnI_4rISnw6g
x-bytefaas-execution-duration
3.48
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
019b6373ac7db0a6210eefb297fb4de0a2e18d83dd1e9ccf48f0a32034605438792866e9a1bb8e0d92b2d5337956775eef454a2d89c3a6f2de6ce9afa2f19653cc03d1a6a63d5cfcf5668377d7c22aba145b2d2da39b636b6e816ff843968480f4
x-origin-response-time
8,23.202.158.16
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sun, 28 Jan 2024 09:11:10 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F628 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IV9ylT1ZZT2zOHL-dnwytayEHvj1k5JlmDDkvgbdxtdQWw3aKukwwu30fmMxgJgN4Jj65GHZk
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 45BB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
expires
Sun, 28 Jan 2024 09:11:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:10 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
CookieSyncAdX
rtb.adentifi.com/ Frame 35F2 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEPAsdJxYIDJxB402Heo4bBg&google_cver=1&google_push=AXcoOmSArzzArArbOlQ5u9qpHw9LwaoXphfXUSiH6ahtvErMfon9x2yCHABoJAXtjrBoq_ng1BxoE0Deyy00L_RHRON-vynp0_WF
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.96.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-96-255.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
pixel
cm.g.doubleclick.net/ Frame 35F2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEqPG-vdueGwEQZdjf4Ecy4&google_cver=1&google_push=AXcoOmS0OnKtbSrNVEB5enAJSr1lrAOGr92-q3ZCG_4V-dLGXJzhHh0qPmFOokHaeIRuB1H3k3Q0DRAm...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEqPG-vdueGwEQZdjf4Ecy4&google_cver=1&google_push=AXcoOmS0OnKtbSrNVEB5enAJSr1lrAOGr92-q3ZCG_4V-dLGXJzhHh0qPmFOokHaeIRuB1H3k3Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA2Njk1Mjc1Njk3MTY2ODk2NA&google_push=AXcoOmS0OnKtbSrNVEB5enAJSr1lrAOGr92-q3ZCG_4V-dLGXJzhHh0qPmFOokHaeIRuB1H3k3Q0DR...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA2Njk1Mjc1Njk3MTY2ODk2NA&google_push=AXcoOmS0OnKtbSrNVEB5enAJSr1lrAOGr92-q3ZCG_4V-dLGXJzhHh0qPmFOokHaeIRuB1H3k3Q0DRAmeVAU5y_MdTQ4MusDPDkj
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODA2Njk1Mjc1Njk3MTY2ODk2NA&google_push=AXcoOmS0OnKtbSrNVEB5enAJSr1lrAOGr92-q3ZCG_4V-dLGXJzhHh0qPmFOokHaeIRuB1H3k3Q0DRAmeVAU5y_MdTQ4MusDPDkj
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 35F2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=awNB1eBXSRGumyOt2aAP3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=awNB1eBXSRGumyOt2aAP3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQzZz2Z1G2o4ynN5R7qad0Wd2zZw3zv6LRLzgFbU3O22S6Zu_GmjX7x4koNB8POmTgR9c8r_Jp5W0WzZgS62N-AkuUL1k2f
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=awNB1eBXSRGumyOt2aAP3Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQzZz2Z1G2o4ynN5R7qad0Wd2zZw3zv6LRLzgFbU3O22S6Zu_GmjX7x4koNB8POmTgR9c8r_Jp5W0WzZgS62N-AkuUL1k2f
date
Sun, 28 Jan 2024 09:11:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 35F2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOkg9R6Y8j3-Qcg4PXXSywI&google_cver=1&google_push=AXcoOmQ8WCyI8hFONOmb_cTFh0B7F8Yo5GWVuJNvNZAqN4ly_8yLHy8FwVVvJCD6XNhs7-TbITz8e5Q0-a3Fj8-jVDKcOdhIU_Y
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQ8WCyI8hFONOmb_cTFh0B7F8Yo5GWVuJNvNZAqN4ly_8yLHy8FwVVvJCD6XNhs7-TbITz8e5Q0-a3Fj8-jVDKcOdhIU_Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODMxNzY3OTY5NDUzNDQxMjg4MzUy&google_push=AXcoOmQ8WCyI8hFONOmb_cTFh0B7F8Yo5GWVuJNvNZAqN4ly_8yLHy8FwVVvJCD6...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODMxNzY3OTY5NDUzNDQxMjg4MzUy&google_push=AXcoOmQ8WCyI8hFONOmb_cTFh0B7F8Yo5GWVuJNvNZAqN4ly_8yLHy8FwVVvJCD6XNhs7-TbITz8e5Q0-a3Fj8-jVDKcOdhIU_Y
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODMxNzY3OTY5NDUzNDQxMjg4MzUy&google_push=AXcoOmQ8WCyI8hFONOmb_cTFh0B7F8Yo5GWVuJNvNZAqN4ly_8yLHy8FwVVvJCD6XNhs7-TbITz8e5Q0-a3Fj8-jVDKcOdhIU_Y
date
Sun, 28 Jan 2024 09:11:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 35F2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAO6QG2UWVrn7yplaR_jMTo&google_cver=1&google_push=AXcoOmRiRx_WAmWrXF5OaD1YyzraeUpNrCR3kVi0HfYKmSZcbVqPEy9PYzBwuoUI3HrvHlxhpecfpQPtN8R...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRiRx_WAmWrXF5OaD1YyzraeUpNrCR3kVi0HfYKmSZcbVqPEy9PYzBwuoUI3HrvHlxhpecfpQPtN8Rcz2l-c4SASggcg2S9_A
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 35F2
Redirect Chain
  • https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEKoLJENxlUL1SraGJyzXTsY&google_cver=1&google_push=AXcoOmTpmrlrUdBOGVOy7_1qZEwS_SgzRe1cd7z_T9o98gpcSdtGfgRoWSXM_pEHjJDKSKrn4DZbnrXyUcX_BCSZehZ-7...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTpmrlrUdBOGVOy7_1qZEwS_SgzRe1cd7z_T9o98gpcSdtGfgRoWSXM_pEHjJDKSKrn4DZbnrXyUcX_BCSZehZ-7VAv7AIb&google_hm=09dd4f7eecaa4a...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTpmrlrUdBOGVOy7_1qZEwS_SgzRe1cd7z_T9o98gpcSdtGfgRoWSXM_pEHjJDKSKrn4DZbnrXyUcX_BCSZehZ-7VAv7AIb&google_hm=09dd4f7eecaa4ac72n3all00lrxa6w9q
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Jan 2024 09:11:10 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTpmrlrUdBOGVOy7_1qZEwS_SgzRe1cd7z_T9o98gpcSdtGfgRoWSXM_pEHjJDKSKrn4DZbnrXyUcX_BCSZehZ-7VAv7AIb&google_hm=09dd4f7eecaa4ac72n3all00lrxa6w9q
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 35F2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmTjt3gPFUIwU...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmTjt3gPFUIwUFwSgOxwgtH483Xq8f...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmTjt3gPFUIwUFwSgOxwgtH483Xq8fOE46sfVAs4TA2XuXqSDI1Zr4wVyyDS2_Hc7D0GkzAFIG-YMBG21rtqFnyuJqYUDXAD0g
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
an-x-request-uuid
0618eef2-8ff6-4305-9ef9-9f6b49a746b1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmTjt3gPFUIwUFwSgOxwgtH483Xq8fOE46sfVAs4TA2XuXqSDI1Zr4wVyyDS2_Hc7D0GkzAFIG-YMBG21rtqFnyuJqYUDXAD0g
x-proxy-origin
166.0.205.4; 166.0.205.4; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 35F2 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Im-KiTdf-w-0knrYChT1xZkZsWg26O-AxFXeJSkdPrq_Ft6b6aqECQmq0NHR9B41-rHgcLBpo8
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sync
partners.tremorhub.com/ Frame 5737
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
  • https://partners.tremorhub.com/sync?UIGL=CAESEIbfdLanjM-WnB029vhWVX4&google_cver=1&gdpr=0
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEIbfdLanjM-WnB029vhWVX4&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKSIxC9tCMYjNiktgEwAQ&v=APEucNVRzsQySvC6F0KvOaPjkanu7XKInoG-0KneqU_HuooRCEw_CV7gp3eynUBTCGsl321KDK3l9H5mCsE6cccsGYKGKnzCzv90vt6FkcGhKm7Nv06WHcY
Protocol
H2
Server
2600:1f18:612b:4280:c452:8a8b:24f9:dc81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 28 Jan 2024 09:11:11 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEIbfdLanjM-WnB029vhWVX4&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 5737
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEAOXHlXXwbV6axTJzXYjuVU&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 5737 		0
0
AGSKWxWrpiaA7lOmhhXEDPdbISlGwpaZ7dmgTS4CTnWdjf8yIKtjwW9B_DdbzjrdWLnnbr2f8eLR2G4pXYshZMD-N97jEM5F2CpVq-6VQVlO8iaYY3KpJC34wUl-uLiVHBU7VURxB4okCg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWrpiaA7lOmhhXEDPdbISlGwpaZ7dmgTS4CTnWdjf8yIKtjwW9B_DdbzjrdWLnnbr2f8eLR2G4pXYshZMD-N97jEM5F2CpVq-6VQVlO8iaYY3KpJC34wUl-uLiVHBU7VURxB4okCg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzBbmq2zME3JMPFTDIqo5tO3kA2UA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZoV8dvt8S6JnVyODnOt0uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 28 Jan 2024 09:11:10 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZoV8dvt8S6JnVyODnOt0uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiHY92WG2vZBFasubeYCQDt_iCW"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://sitchu.com.au
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96CF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3187005099288&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96CF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3187005099288&version=m202309260101&ct=76&x=1&cor=17662260213385329000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 96CF 		82 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLRHMPKsRu9vlEx9FaW-puEhFkp7mJw3UKmdaJzfPqaCbeqzCkq8ZWTmh7YDcIq7Yd116dsSofJXeX2t4s2WTFkxGQCOJk9kWqyzjvqgPjsZNWZGa_ylrssseaPD4BLWGken-4gA4-2uqqf9pZRqAbWxDcNz7s65zf2hSSbX3iKhrLI0s&dbm_d=AKAmf-DWWZv2jDIv-fhkbZkwN3PxXrtscf4pxXOHkZQ_iMkoBPlxnQVBf58BZaZKBGQXBOZGkmzBKQzqpA3pvoRd563PPFIG74r6oskAhFyEvd5Arr_w4K7P9I6oUG9DTe-oOKUgmJpJ9R7jmIKyQKrPL4p44Q_vnx_n1nH9gz89ZGewj8mxlt_yt0na01Qc8eEKPZkggXhCX3dhkEGWI5ztfUgQ1cOUeUIA7OOISWcusa-Ane_rwbwCgT2dv7CXoDvt3FwMV_8CB5y3uirWBXSevfsAMH2lyvGPdM52FIKMZtXdIU5dZ-dLRKxzbgpEhmL7_CTv00l5OxbCRR9gjY-R1HxAqaTQOmRKWJ0w9qh4Obyk1Wzq9Vl_p53cUJfENftZpi03nWtr9L5NUkWPYjqXaPm4BzZC4vnCK9TgZK-9i0CuIvS1Df5zLEqoPDTYUUxg1x9DpFTN9TMOQzvP7h81LFPNjaJ6NDKRt7Oftj6P4iUNauOouVMPRA07Kxy00YQOF7Pvgfv5Elj_WS7NFEecBBBlRk-vnyJ0wE2JBHcrl-4dl7RmLlw9480r5QKokU0J079MoZLkI-3ggn7c2qOJ60kI1LAmFEo7PdrGvrN1DMdmYuzoCIeieMClLqRJFtqDkk41bX8QqB0OzqBEDzTY4qzpNEKYHO0-u-v8qZmSezVqmgCu_vuTl43ISiYeMfCVQDPDv0RVt3KbPVZi5FNTOX_6kh9H89YTae3r8A-gtJ1dx-P2SBxCDNaHoKq-qGUCctrfTQ7uykYvfe6je4tXF0bgO92RCz6FAIXPGTuU7hPIEwolSrctQzOA3AKUIZ8xNeJIJDrqtkREwn9C06ZqZac7TlOEDh4oPbGLwDbpkqy4LAp_b6dVBDF-jaOPP-GQFOHDbodcZ-zoEQ1JIySvPsVhF0RH3nQeYhCHRVjjQ4WSjfZro8M8-hK8m8_ZbNa3YyJ7iZK2HnPdnKeanwAxu0Hv-tEF_RN3B_UjND68zvADO7xrHbwYCduWOI5uPwAm6PGLmqA9XZdj_5BwjcOAQ6Sxd4fKn6UOt3UMTF34e5uU4b796IUaAyEjkAP7QlxZCLKmM_TfJ8-iA6ZQsIwCBmMiUeGILm8smoIG3m20eWjJ61wDtLNV2tnq8j-IWjnDnFPrXSv1cmhsPhNBd0yVuLzVptaPtMU3j_YtkGCbYVSG-LS8qptUvWQ3K-XQINygLLVDUuujz3gM_5rYnQVWTswJM1jnmhHZ80VPpltOW_GWNRtJV6Tw8QLkkVrM7lZXNMfrbzSa8YSTdHFLqiVujgev7kNFuxdOaYC2OtAkyoSngwi28jSseXzyN3aTa5IklIpey_25dnHr4xBIrIJPXfuKo-4AM41hUABQOM38nFDQccOiqjZSXbsl3_puPwGFTebLTcg9I_7k84ODVeLrfbTCnGN2NzEO3pHND4MdP6kadixhyLOTFXy8GBQXr0QxTtMkZu0LtQ-JvLN5sRCst5fATAFGEnZuFEztLbevKK0KYgz8HO-hd9tWPHQLNVNNY83NbBH-Uh8qYYSEie7GCS1fhnI3KXDfqPPGvJPlKEr8-2n2AWGSSdcAX2C5nAsItUHkYWykEBD4otWxqqunztVy4lw4ZWeb0aDqeFlqmLlQ2OHBgP_kDRU2NGh_OIcIz0w7MAr2jX_GS4iooIvAJJc50bzjviN772iAN4ilvTpcfdXkLQx82Xx1OLNDSDTZ3RlmcnF-L5qHQRSwbQ5-D_s5ZFzq_Y25amln7hvn6dm2hoM2dxUAIRBtyO9absefXvSvR4ryNwqpTbM8C7ucf1UmbQE-etV5NUm1OoFWwqzfcOI010LQyyLtzbxLwROjSIz8uSrtt3Mf2hVYQM-FILsNsSx2uoCn4kiqww6bSCuX3rIXW3Qpr0vaQrc8c8vXt7dFJGit5Hw82izS5rMqfkpVhp2lMrxoe5qF43mCyAsxWFgx5060_GGkb7baw8GPCjAnZmU7J1-7wfrZS_y91yXCuvuDzDpHoRXIPL1KouFnET5IEzLEAQhHMWzfXokc680AVo71cDOgLdfTaVbq6M8FsCcxdr7YRKkqfn9d7tr2jF66GQmX7VFADzGoitN4omTqhdnlwfQ1uiWRo9cjrROYti3I9nyN3_I0t-Z1Ip5snNrEAN_JSZ5LDYiATixu1Ipg7XnGCT0iP-VkDAqafDl0HLR-PUx-xCj7GNa1e-x_Ldj2J8ac5J5Edel-9-1rcsOEILIihnyVeP6ZwkPcMYq0CGqDgEfyuIeLjWd_dtmEtV38UaZYDXWMJw42_Uk9u6ng7NE0Wtu6rnmfQ7Mqn2iBJhhQV8Hqk4hABxxK8zQTUkIYdnBDjjSpVVYxQ8BgopOrT7X_14lS5MDJ3dIDN_bRaXmmF4ir2PNen1ARwdMUWqunJmlIYnAhtEa1eu2tCXqfU4LLICWKM9bQyIF6osUgBrCImy2wWhN8FpQUmpp49xv8LXZyX0vNfowaUOYbXkKzaMUhngl5OCtewUB0RYMEj8VQ6N2KTJgvsI0_TZZjeX0xakXpPrcjJgIpCn1PGM9FrTUZ4LQyOrEn1CxsO1R1kbftQA-CJfNLUethQGG3-fGVX85vndwlavxbVpCPBgwKVT-PeKYpjPEaWKXkAUmiVVj0MCNYIMvoCSZnP5tid8HJpQe0PZGM1IuejkmxA0AvmTMUEsHgTzBmPXZJJ0apGPmvbE4iY8PAn8G8V76TNsfT6kTEo3YqD8Hx72k-AXr5oyI_7YRrXbE76wYPyAoaM62qTnFVIY8H1Qp1Z5gxSDbzupZt67b83wJ4OikAAiGTDFDRZTWhEz5gqqklKngtb1DHNhBL158Z-jqd8QOrRrtHEHS4elF40IaCLfGWpDVeGfzQzvWom_ptBKVd_xRGzb14ZzLDII4hrj_UJrtyVexXFUImPX1wf8zRE3DhpQe3FgmQ7gl1UQZQvFVXpmQmtx2HLnPTDnj2_a4rxs36vGtdItbLQ5ZCy7OklcbEU5UlIjUJuizVKNG492l0ok1XgH2OrPvcjjwWB877GxKR-ZP9LZxiCAHXKnL9YxKt6v1HpmLuCxq-N-2-mpVvmVm4Fzmo1P_PGjvw6SIUF_2A526qKqO9HlWUHl3CWKp09b6P-QSd2R6ZCHf7uZBmC9G_fhpLLuyPi7CvJrDjBsEIq4Iqg_Mbe3A5aSjdJ5wpyCiMnl6g6ysBUI5Er0isJyHSGT9qeAMz99SUwC1HdwSP62v9_9Zd8y-47jbBpqjVoyx-JTQGpU0K_X3wBuf9AcnA546VmK2KE8HU5oO9qXayEgda7WA7o1FUledCTczlD0AOU3sYqbqxE0G7xdvTMkoGgrHBwLuS2pGDwDCkOItwB2FQgrZc_3amZu3C5jjiVekaKikZZdYn2sAcqfnCo7Ft0A2tnif0ZohuXlBdHgUhFLBJSG7oT_6wVEPoIUaevBHMuQ8-1SM8nLfPM2zMoBO2CmWitBm7Ha04SwKoNaPztUVxvAWgjIXuvIB-V5paEz0tvQ9OrgsbuaLvTT4EBg3IKEWjOTxQCl0EjlMGWgv8fThR7ZhIHio5F8042sCtrSMd0UCUoILI9_XXEXoBBpzDwfyfe4ObQf1E7Qw-KGAztFrEUhCskaFHbTIE2Ilw-e5ttaRBs_PBygU6CQgfZvYCaJc_3uOdwf_UvfzGd50aTaFlYgaT4wA-MvSJvw7Yl64s6rutvQwo8rLY5Mq5a8Cr2bm_CbSy5AZi9HKa4wiXispsIf0uLPlevAuTISdmO8xb22v7IH8IauliQwMzrEtzxcmho2T5QtoqkAxoLCKV1MHMx0H7qULTdDB9NBgQi2AOsYpG&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsitchu.com.au%2F&ds=l&xdt=1&iif=1&cor=17662260213385329000&adk=3037181501&idt=172&cac=0&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8a3678d1cbd42068f43cfa92a182abb14841eece5b09c97a52e85fe210aae98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38348
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-237-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 28 Jan 2024 09:11:11 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.237.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-237-92.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sitchu.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 28 Jan 2024 09:11:10 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
truncated
/ Frame 1761 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6fe72f0325988c0cd0a95980e39a736390a3df7ef4bd036a27caf5d7ef7ff4b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 207D 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a75d93e6abbf43570678523d28c87cafec18c31a61386915c511526e44c2f3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 96CF 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLRHMPKsRu9vlEx9FaW-puEhFkp7mJw3UKmdaJzfPqaCbeqzCkq8ZWTmh7YDcIq7Yd116dsSofJXeX2t4s2WTFkxGQCOJk9kWqyzjvqgPjsZNWZGa_ylrssseaPD4BLWGken-4gA4-2uqqf9pZRqAbWxDcNz7s65zf2hSSbX3iKhrLI0s&dbm_d=AKAmf-DWWZv2jDIv-fhkbZkwN3PxXrtscf4pxXOHkZQ_iMkoBPlxnQVBf58BZaZKBGQXBOZGkmzBKQzqpA3pvoRd563PPFIG74r6oskAhFyEvd5Arr_w4K7P9I6oUG9DTe-oOKUgmJpJ9R7jmIKyQKrPL4p44Q_vnx_n1nH9gz89ZGewj8mxlt_yt0na01Qc8eEKPZkggXhCX3dhkEGWI5ztfUgQ1cOUeUIA7OOISWcusa-Ane_rwbwCgT2dv7CXoDvt3FwMV_8CB5y3uirWBXSevfsAMH2lyvGPdM52FIKMZtXdIU5dZ-dLRKxzbgpEhmL7_CTv00l5OxbCRR9gjY-R1HxAqaTQOmRKWJ0w9qh4Obyk1Wzq9Vl_p53cUJfENftZpi03nWtr9L5NUkWPYjqXaPm4BzZC4vnCK9TgZK-9i0CuIvS1Df5zLEqoPDTYUUxg1x9DpFTN9TMOQzvP7h81LFPNjaJ6NDKRt7Oftj6P4iUNauOouVMPRA07Kxy00YQOF7Pvgfv5Elj_WS7NFEecBBBlRk-vnyJ0wE2JBHcrl-4dl7RmLlw9480r5QKokU0J079MoZLkI-3ggn7c2qOJ60kI1LAmFEo7PdrGvrN1DMdmYuzoCIeieMClLqRJFtqDkk41bX8QqB0OzqBEDzTY4qzpNEKYHO0-u-v8qZmSezVqmgCu_vuTl43ISiYeMfCVQDPDv0RVt3KbPVZi5FNTOX_6kh9H89YTae3r8A-gtJ1dx-P2SBxCDNaHoKq-qGUCctrfTQ7uykYvfe6je4tXF0bgO92RCz6FAIXPGTuU7hPIEwolSrctQzOA3AKUIZ8xNeJIJDrqtkREwn9C06ZqZac7TlOEDh4oPbGLwDbpkqy4LAp_b6dVBDF-jaOPP-GQFOHDbodcZ-zoEQ1JIySvPsVhF0RH3nQeYhCHRVjjQ4WSjfZro8M8-hK8m8_ZbNa3YyJ7iZK2HnPdnKeanwAxu0Hv-tEF_RN3B_UjND68zvADO7xrHbwYCduWOI5uPwAm6PGLmqA9XZdj_5BwjcOAQ6Sxd4fKn6UOt3UMTF34e5uU4b796IUaAyEjkAP7QlxZCLKmM_TfJ8-iA6ZQsIwCBmMiUeGILm8smoIG3m20eWjJ61wDtLNV2tnq8j-IWjnDnFPrXSv1cmhsPhNBd0yVuLzVptaPtMU3j_YtkGCbYVSG-LS8qptUvWQ3K-XQINygLLVDUuujz3gM_5rYnQVWTswJM1jnmhHZ80VPpltOW_GWNRtJV6Tw8QLkkVrM7lZXNMfrbzSa8YSTdHFLqiVujgev7kNFuxdOaYC2OtAkyoSngwi28jSseXzyN3aTa5IklIpey_25dnHr4xBIrIJPXfuKo-4AM41hUABQOM38nFDQccOiqjZSXbsl3_puPwGFTebLTcg9I_7k84ODVeLrfbTCnGN2NzEO3pHND4MdP6kadixhyLOTFXy8GBQXr0QxTtMkZu0LtQ-JvLN5sRCst5fATAFGEnZuFEztLbevKK0KYgz8HO-hd9tWPHQLNVNNY83NbBH-Uh8qYYSEie7GCS1fhnI3KXDfqPPGvJPlKEr8-2n2AWGSSdcAX2C5nAsItUHkYWykEBD4otWxqqunztVy4lw4ZWeb0aDqeFlqmLlQ2OHBgP_kDRU2NGh_OIcIz0w7MAr2jX_GS4iooIvAJJc50bzjviN772iAN4ilvTpcfdXkLQx82Xx1OLNDSDTZ3RlmcnF-L5qHQRSwbQ5-D_s5ZFzq_Y25amln7hvn6dm2hoM2dxUAIRBtyO9absefXvSvR4ryNwqpTbM8C7ucf1UmbQE-etV5NUm1OoFWwqzfcOI010LQyyLtzbxLwROjSIz8uSrtt3Mf2hVYQM-FILsNsSx2uoCn4kiqww6bSCuX3rIXW3Qpr0vaQrc8c8vXt7dFJGit5Hw82izS5rMqfkpVhp2lMrxoe5qF43mCyAsxWFgx5060_GGkb7baw8GPCjAnZmU7J1-7wfrZS_y91yXCuvuDzDpHoRXIPL1KouFnET5IEzLEAQhHMWzfXokc680AVo71cDOgLdfTaVbq6M8FsCcxdr7YRKkqfn9d7tr2jF66GQmX7VFADzGoitN4omTqhdnlwfQ1uiWRo9cjrROYti3I9nyN3_I0t-Z1Ip5snNrEAN_JSZ5LDYiATixu1Ipg7XnGCT0iP-VkDAqafDl0HLR-PUx-xCj7GNa1e-x_Ldj2J8ac5J5Edel-9-1rcsOEILIihnyVeP6ZwkPcMYq0CGqDgEfyuIeLjWd_dtmEtV38UaZYDXWMJw42_Uk9u6ng7NE0Wtu6rnmfQ7Mqn2iBJhhQV8Hqk4hABxxK8zQTUkIYdnBDjjSpVVYxQ8BgopOrT7X_14lS5MDJ3dIDN_bRaXmmF4ir2PNen1ARwdMUWqunJmlIYnAhtEa1eu2tCXqfU4LLICWKM9bQyIF6osUgBrCImy2wWhN8FpQUmpp49xv8LXZyX0vNfowaUOYbXkKzaMUhngl5OCtewUB0RYMEj8VQ6N2KTJgvsI0_TZZjeX0xakXpPrcjJgIpCn1PGM9FrTUZ4LQyOrEn1CxsO1R1kbftQA-CJfNLUethQGG3-fGVX85vndwlavxbVpCPBgwKVT-PeKYpjPEaWKXkAUmiVVj0MCNYIMvoCSZnP5tid8HJpQe0PZGM1IuejkmxA0AvmTMUEsHgTzBmPXZJJ0apGPmvbE4iY8PAn8G8V76TNsfT6kTEo3YqD8Hx72k-AXr5oyI_7YRrXbE76wYPyAoaM62qTnFVIY8H1Qp1Z5gxSDbzupZt67b83wJ4OikAAiGTDFDRZTWhEz5gqqklKngtb1DHNhBL158Z-jqd8QOrRrtHEHS4elF40IaCLfGWpDVeGfzQzvWom_ptBKVd_xRGzb14ZzLDII4hrj_UJrtyVexXFUImPX1wf8zRE3DhpQe3FgmQ7gl1UQZQvFVXpmQmtx2HLnPTDnj2_a4rxs36vGtdItbLQ5ZCy7OklcbEU5UlIjUJuizVKNG492l0ok1XgH2OrPvcjjwWB877GxKR-ZP9LZxiCAHXKnL9YxKt6v1HpmLuCxq-N-2-mpVvmVm4Fzmo1P_PGjvw6SIUF_2A526qKqO9HlWUHl3CWKp09b6P-QSd2R6ZCHf7uZBmC9G_fhpLLuyPi7CvJrDjBsEIq4Iqg_Mbe3A5aSjdJ5wpyCiMnl6g6ysBUI5Er0isJyHSGT9qeAMz99SUwC1HdwSP62v9_9Zd8y-47jbBpqjVoyx-JTQGpU0K_X3wBuf9AcnA546VmK2KE8HU5oO9qXayEgda7WA7o1FUledCTczlD0AOU3sYqbqxE0G7xdvTMkoGgrHBwLuS2pGDwDCkOItwB2FQgrZc_3amZu3C5jjiVekaKikZZdYn2sAcqfnCo7Ft0A2tnif0ZohuXlBdHgUhFLBJSG7oT_6wVEPoIUaevBHMuQ8-1SM8nLfPM2zMoBO2CmWitBm7Ha04SwKoNaPztUVxvAWgjIXuvIB-V5paEz0tvQ9OrgsbuaLvTT4EBg3IKEWjOTxQCl0EjlMGWgv8fThR7ZhIHio5F8042sCtrSMd0UCUoILI9_XXEXoBBpzDwfyfe4ObQf1E7Qw-KGAztFrEUhCskaFHbTIE2Ilw-e5ttaRBs_PBygU6CQgfZvYCaJc_3uOdwf_UvfzGd50aTaFlYgaT4wA-MvSJvw7Yl64s6rutvQwo8rLY5Mq5a8Cr2bm_CbSy5AZi9HKa4wiXispsIf0uLPlevAuTISdmO8xb22v7IH8IauliQwMzrEtzxcmho2T5QtoqkAxoLCKV1MHMx0H7qULTdDB9NBgQi2AOsYpG&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsitchu.com.au%2F&ds=l&xdt=1&iif=1&cor=17662260213385329000&adk=3037181501&idt=172&cac=0&dtd=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:25:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
71168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11931
x-xss-protection
0
server
cafe
etag
11828260617052087593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 13:25:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 96CF 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLRHMPKsRu9vlEx9FaW-puEhFkp7mJw3UKmdaJzfPqaCbeqzCkq8ZWTmh7YDcIq7Yd116dsSofJXeX2t4s2WTFkxGQCOJk9kWqyzjvqgPjsZNWZGa_ylrssseaPD4BLWGken-4gA4-2uqqf9pZRqAbWxDcNz7s65zf2hSSbX3iKhrLI0s&dbm_d=AKAmf-DWWZv2jDIv-fhkbZkwN3PxXrtscf4pxXOHkZQ_iMkoBPlxnQVBf58BZaZKBGQXBOZGkmzBKQzqpA3pvoRd563PPFIG74r6oskAhFyEvd5Arr_w4K7P9I6oUG9DTe-oOKUgmJpJ9R7jmIKyQKrPL4p44Q_vnx_n1nH9gz89ZGewj8mxlt_yt0na01Qc8eEKPZkggXhCX3dhkEGWI5ztfUgQ1cOUeUIA7OOISWcusa-Ane_rwbwCgT2dv7CXoDvt3FwMV_8CB5y3uirWBXSevfsAMH2lyvGPdM52FIKMZtXdIU5dZ-dLRKxzbgpEhmL7_CTv00l5OxbCRR9gjY-R1HxAqaTQOmRKWJ0w9qh4Obyk1Wzq9Vl_p53cUJfENftZpi03nWtr9L5NUkWPYjqXaPm4BzZC4vnCK9TgZK-9i0CuIvS1Df5zLEqoPDTYUUxg1x9DpFTN9TMOQzvP7h81LFPNjaJ6NDKRt7Oftj6P4iUNauOouVMPRA07Kxy00YQOF7Pvgfv5Elj_WS7NFEecBBBlRk-vnyJ0wE2JBHcrl-4dl7RmLlw9480r5QKokU0J079MoZLkI-3ggn7c2qOJ60kI1LAmFEo7PdrGvrN1DMdmYuzoCIeieMClLqRJFtqDkk41bX8QqB0OzqBEDzTY4qzpNEKYHO0-u-v8qZmSezVqmgCu_vuTl43ISiYeMfCVQDPDv0RVt3KbPVZi5FNTOX_6kh9H89YTae3r8A-gtJ1dx-P2SBxCDNaHoKq-qGUCctrfTQ7uykYvfe6je4tXF0bgO92RCz6FAIXPGTuU7hPIEwolSrctQzOA3AKUIZ8xNeJIJDrqtkREwn9C06ZqZac7TlOEDh4oPbGLwDbpkqy4LAp_b6dVBDF-jaOPP-GQFOHDbodcZ-zoEQ1JIySvPsVhF0RH3nQeYhCHRVjjQ4WSjfZro8M8-hK8m8_ZbNa3YyJ7iZK2HnPdnKeanwAxu0Hv-tEF_RN3B_UjND68zvADO7xrHbwYCduWOI5uPwAm6PGLmqA9XZdj_5BwjcOAQ6Sxd4fKn6UOt3UMTF34e5uU4b796IUaAyEjkAP7QlxZCLKmM_TfJ8-iA6ZQsIwCBmMiUeGILm8smoIG3m20eWjJ61wDtLNV2tnq8j-IWjnDnFPrXSv1cmhsPhNBd0yVuLzVptaPtMU3j_YtkGCbYVSG-LS8qptUvWQ3K-XQINygLLVDUuujz3gM_5rYnQVWTswJM1jnmhHZ80VPpltOW_GWNRtJV6Tw8QLkkVrM7lZXNMfrbzSa8YSTdHFLqiVujgev7kNFuxdOaYC2OtAkyoSngwi28jSseXzyN3aTa5IklIpey_25dnHr4xBIrIJPXfuKo-4AM41hUABQOM38nFDQccOiqjZSXbsl3_puPwGFTebLTcg9I_7k84ODVeLrfbTCnGN2NzEO3pHND4MdP6kadixhyLOTFXy8GBQXr0QxTtMkZu0LtQ-JvLN5sRCst5fATAFGEnZuFEztLbevKK0KYgz8HO-hd9tWPHQLNVNNY83NbBH-Uh8qYYSEie7GCS1fhnI3KXDfqPPGvJPlKEr8-2n2AWGSSdcAX2C5nAsItUHkYWykEBD4otWxqqunztVy4lw4ZWeb0aDqeFlqmLlQ2OHBgP_kDRU2NGh_OIcIz0w7MAr2jX_GS4iooIvAJJc50bzjviN772iAN4ilvTpcfdXkLQx82Xx1OLNDSDTZ3RlmcnF-L5qHQRSwbQ5-D_s5ZFzq_Y25amln7hvn6dm2hoM2dxUAIRBtyO9absefXvSvR4ryNwqpTbM8C7ucf1UmbQE-etV5NUm1OoFWwqzfcOI010LQyyLtzbxLwROjSIz8uSrtt3Mf2hVYQM-FILsNsSx2uoCn4kiqww6bSCuX3rIXW3Qpr0vaQrc8c8vXt7dFJGit5Hw82izS5rMqfkpVhp2lMrxoe5qF43mCyAsxWFgx5060_GGkb7baw8GPCjAnZmU7J1-7wfrZS_y91yXCuvuDzDpHoRXIPL1KouFnET5IEzLEAQhHMWzfXokc680AVo71cDOgLdfTaVbq6M8FsCcxdr7YRKkqfn9d7tr2jF66GQmX7VFADzGoitN4omTqhdnlwfQ1uiWRo9cjrROYti3I9nyN3_I0t-Z1Ip5snNrEAN_JSZ5LDYiATixu1Ipg7XnGCT0iP-VkDAqafDl0HLR-PUx-xCj7GNa1e-x_Ldj2J8ac5J5Edel-9-1rcsOEILIihnyVeP6ZwkPcMYq0CGqDgEfyuIeLjWd_dtmEtV38UaZYDXWMJw42_Uk9u6ng7NE0Wtu6rnmfQ7Mqn2iBJhhQV8Hqk4hABxxK8zQTUkIYdnBDjjSpVVYxQ8BgopOrT7X_14lS5MDJ3dIDN_bRaXmmF4ir2PNen1ARwdMUWqunJmlIYnAhtEa1eu2tCXqfU4LLICWKM9bQyIF6osUgBrCImy2wWhN8FpQUmpp49xv8LXZyX0vNfowaUOYbXkKzaMUhngl5OCtewUB0RYMEj8VQ6N2KTJgvsI0_TZZjeX0xakXpPrcjJgIpCn1PGM9FrTUZ4LQyOrEn1CxsO1R1kbftQA-CJfNLUethQGG3-fGVX85vndwlavxbVpCPBgwKVT-PeKYpjPEaWKXkAUmiVVj0MCNYIMvoCSZnP5tid8HJpQe0PZGM1IuejkmxA0AvmTMUEsHgTzBmPXZJJ0apGPmvbE4iY8PAn8G8V76TNsfT6kTEo3YqD8Hx72k-AXr5oyI_7YRrXbE76wYPyAoaM62qTnFVIY8H1Qp1Z5gxSDbzupZt67b83wJ4OikAAiGTDFDRZTWhEz5gqqklKngtb1DHNhBL158Z-jqd8QOrRrtHEHS4elF40IaCLfGWpDVeGfzQzvWom_ptBKVd_xRGzb14ZzLDII4hrj_UJrtyVexXFUImPX1wf8zRE3DhpQe3FgmQ7gl1UQZQvFVXpmQmtx2HLnPTDnj2_a4rxs36vGtdItbLQ5ZCy7OklcbEU5UlIjUJuizVKNG492l0ok1XgH2OrPvcjjwWB877GxKR-ZP9LZxiCAHXKnL9YxKt6v1HpmLuCxq-N-2-mpVvmVm4Fzmo1P_PGjvw6SIUF_2A526qKqO9HlWUHl3CWKp09b6P-QSd2R6ZCHf7uZBmC9G_fhpLLuyPi7CvJrDjBsEIq4Iqg_Mbe3A5aSjdJ5wpyCiMnl6g6ysBUI5Er0isJyHSGT9qeAMz99SUwC1HdwSP62v9_9Zd8y-47jbBpqjVoyx-JTQGpU0K_X3wBuf9AcnA546VmK2KE8HU5oO9qXayEgda7WA7o1FUledCTczlD0AOU3sYqbqxE0G7xdvTMkoGgrHBwLuS2pGDwDCkOItwB2FQgrZc_3amZu3C5jjiVekaKikZZdYn2sAcqfnCo7Ft0A2tnif0ZohuXlBdHgUhFLBJSG7oT_6wVEPoIUaevBHMuQ8-1SM8nLfPM2zMoBO2CmWitBm7Ha04SwKoNaPztUVxvAWgjIXuvIB-V5paEz0tvQ9OrgsbuaLvTT4EBg3IKEWjOTxQCl0EjlMGWgv8fThR7ZhIHio5F8042sCtrSMd0UCUoILI9_XXEXoBBpzDwfyfe4ObQf1E7Qw-KGAztFrEUhCskaFHbTIE2Ilw-e5ttaRBs_PBygU6CQgfZvYCaJc_3uOdwf_UvfzGd50aTaFlYgaT4wA-MvSJvw7Yl64s6rutvQwo8rLY5Mq5a8Cr2bm_CbSy5AZi9HKa4wiXispsIf0uLPlevAuTISdmO8xb22v7IH8IauliQwMzrEtzxcmho2T5QtoqkAxoLCKV1MHMx0H7qULTdDB9NBgQi2AOsYpG&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsitchu.com.au%2F&ds=l&xdt=1&iif=1&cor=17662260213385329000&adk=3037181501&idt=172&cac=0&dtd=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 13:25:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
71167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Feb 2024 13:25:03 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 96CF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHZjv8XJNdDIYCTVquZxq9sBMK9tEZYi9kwP8BKdfmOW0GzLG-qbuUP__Exu7vaUqAUEzhkfzJwl8xJDf9fBZAPHAzmjbudB2VPnnHsDv_4H1hmo4kshXo52EpmGs7ECMoLWvxPU_eIxq4XHFtVlhW3rAE0ha1eTZMV-twtQknfMXpBWzBP1l7z4nuQ8OfdnKP8HENG3ad4O7nv5jbJAuEqjwTNYt-_x46QTsDttNVxwEr_C8QziZyL0_-tj3yNCI-FU00FJe3imBimJg-fkX2DGrL52ZUoi7S22LhlSjJNHxtGwIXn9VNfCdg4THsSmbt4VMyBpmTas5k9oXhdcenfbpfzyI77iE63laajymaivM6BevdSNKG8saF9FmYG8ZFLr3wdQMHiqcDd1j4UI3gfwoCya3PCctUIM5jEge_34hr_WUbEEy-diNxO7yUaXPZZenDvQMV4ED-4iH0RQJ601XWlULKXBLl548NZnJgQGMXDpXaYQSJP0qN_4qLimAR8OPb8lrGozhR-TIi-eNhCJhGI5RAPRyVG6r3voKl5UmdzoI4jN49PVtgbkDoc8D-7q15D61KUqCkDJprCVm8Cp32OjeryPHwPeRNwIa74MIOvojmM3ud42-1tkZmLOMhqLu42fYTXMmEj74qEpQFcUzvZ3ZW_aiHCoJIWUSVW5ZhT5ZqGFtyaH6hdtMGvI9TFm7EhbD_pOHy-BdaFikKcSISfuKRYKdh8kLDgZF3to0J3rfxeqW--InC6KXpahRPW9Q1SuuESu5h_JQanAlgUQIz23rku-SDqXAO0xkgBRZXJSOP3JXrxYJsdocN11Z7GolsNgmQerY2z2gi4aXpmGppW0hkdmrHxrViEHc63qIefxTFUN39fsHtH4Dx4j7PcyjsBWbrRd6oaTdSz7YMpY9tqow1fAwlJHrIEDbZVOXYCu1_E2MOoqADJcIZwAnTFl7Kshbws28NJWXgbEdmh8A7Pu0XouD4h7JoE38VqRZMzp0ThxJ5_cfUuXaXrFlTEs3HRWiLUdgFkGc2bgcF_K04Hi6MBeuvY-M3S2tOrem2aYPubM5C1vbbcbOJmmVjyTi2Cch0aWoCdNHkhHSkLmI3PRzguDaokbCh_m99tPBBXSHTUbubH6kSpmU4CwGNEbu0mBfFXwdpLDz8-DQWD7KsWKCkOKTsISadvFYU3Mu2MZ7ijwQt9KhHuffeIdSoF9n6Yhj6gTxhfbqZ-lh1C-wE4As_rMPdUNB8V74wW8sk9O1SoLUIdEaWvtUUkaFVEHSr-mM44_DIBJZcxBKApcHvOrjXf0gpQxmoQdth-TFX1BrY-amv8ui4g8wsBdcWJuz_X4XAwAvsUmsQvbpEw_Nu_wLPo1Y_5dFW6WBJhgGsiLj3oBAUOtgoSn1PZrEhyYDr8DfzZc4WzMa4wP0_W78q225Ds0kpdDg77vIunrM3AJNT-ejIb5EcAUf3t7xeecXp3KHd8cYLRqW8pxebytzjsciB1w&sai=AMfl-YSO0tziRYg45EOfWuQve4JwSbaqohzJV5kt3XdFQLJJYnmP22ecB4Z1B__ZbYRhitCRhUCRV6mNe6h7LK9zKWzvHGfnLLFZ75FAK7vyngQmO6CfgolPKS5xhee7MdAXD9XXh4Q7ys0l1odTvlD8uidx033V9CNzgMfftxQjnqbtAkuejS4wRP-cimhZ_KxGKHEEj16OUGFj257j5T8lr5pPSW52O4QRSesm9oCxQuBBglBsKp1F2AwIzbwwVpE1rryxuVKv0UCWjgZg3VyS67bRgssa&sig=Cg0ArKJSzJ6mICk5JRu6EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240122.85647&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLRHMPKsRu9vlEx9FaW-puEhFkp7mJw3UKmdaJzfPqaCbeqzCkq8ZWTmh7YDcIq7Yd116dsSofJXeX2t4s2WTFkxGQCOJk9kWqyzjvqgPjsZNWZGa_ylrssseaPD4BLWGken-4gA4-2uqqf9pZRqAbWxDcNz7s65zf2hSSbX3iKhrLI0s&dbm_d=AKAmf-DWWZv2jDIv-fhkbZkwN3PxXrtscf4pxXOHkZQ_iMkoBPlxnQVBf58BZaZKBGQXBOZGkmzBKQzqpA3pvoRd563PPFIG74r6oskAhFyEvd5Arr_w4K7P9I6oUG9DTe-oOKUgmJpJ9R7jmIKyQKrPL4p44Q_vnx_n1nH9gz89ZGewj8mxlt_yt0na01Qc8eEKPZkggXhCX3dhkEGWI5ztfUgQ1cOUeUIA7OOISWcusa-Ane_rwbwCgT2dv7CXoDvt3FwMV_8CB5y3uirWBXSevfsAMH2lyvGPdM52FIKMZtXdIU5dZ-dLRKxzbgpEhmL7_CTv00l5OxbCRR9gjY-R1HxAqaTQOmRKWJ0w9qh4Obyk1Wzq9Vl_p53cUJfENftZpi03nWtr9L5NUkWPYjqXaPm4BzZC4vnCK9TgZK-9i0CuIvS1Df5zLEqoPDTYUUxg1x9DpFTN9TMOQzvP7h81LFPNjaJ6NDKRt7Oftj6P4iUNauOouVMPRA07Kxy00YQOF7Pvgfv5Elj_WS7NFEecBBBlRk-vnyJ0wE2JBHcrl-4dl7RmLlw9480r5QKokU0J079MoZLkI-3ggn7c2qOJ60kI1LAmFEo7PdrGvrN1DMdmYuzoCIeieMClLqRJFtqDkk41bX8QqB0OzqBEDzTY4qzpNEKYHO0-u-v8qZmSezVqmgCu_vuTl43ISiYeMfCVQDPDv0RVt3KbPVZi5FNTOX_6kh9H89YTae3r8A-gtJ1dx-P2SBxCDNaHoKq-qGUCctrfTQ7uykYvfe6je4tXF0bgO92RCz6FAIXPGTuU7hPIEwolSrctQzOA3AKUIZ8xNeJIJDrqtkREwn9C06ZqZac7TlOEDh4oPbGLwDbpkqy4LAp_b6dVBDF-jaOPP-GQFOHDbodcZ-zoEQ1JIySvPsVhF0RH3nQeYhCHRVjjQ4WSjfZro8M8-hK8m8_ZbNa3YyJ7iZK2HnPdnKeanwAxu0Hv-tEF_RN3B_UjND68zvADO7xrHbwYCduWOI5uPwAm6PGLmqA9XZdj_5BwjcOAQ6Sxd4fKn6UOt3UMTF34e5uU4b796IUaAyEjkAP7QlxZCLKmM_TfJ8-iA6ZQsIwCBmMiUeGILm8smoIG3m20eWjJ61wDtLNV2tnq8j-IWjnDnFPrXSv1cmhsPhNBd0yVuLzVptaPtMU3j_YtkGCbYVSG-LS8qptUvWQ3K-XQINygLLVDUuujz3gM_5rYnQVWTswJM1jnmhHZ80VPpltOW_GWNRtJV6Tw8QLkkVrM7lZXNMfrbzSa8YSTdHFLqiVujgev7kNFuxdOaYC2OtAkyoSngwi28jSseXzyN3aTa5IklIpey_25dnHr4xBIrIJPXfuKo-4AM41hUABQOM38nFDQccOiqjZSXbsl3_puPwGFTebLTcg9I_7k84ODVeLrfbTCnGN2NzEO3pHND4MdP6kadixhyLOTFXy8GBQXr0QxTtMkZu0LtQ-JvLN5sRCst5fATAFGEnZuFEztLbevKK0KYgz8HO-hd9tWPHQLNVNNY83NbBH-Uh8qYYSEie7GCS1fhnI3KXDfqPPGvJPlKEr8-2n2AWGSSdcAX2C5nAsItUHkYWykEBD4otWxqqunztVy4lw4ZWeb0aDqeFlqmLlQ2OHBgP_kDRU2NGh_OIcIz0w7MAr2jX_GS4iooIvAJJc50bzjviN772iAN4ilvTpcfdXkLQx82Xx1OLNDSDTZ3RlmcnF-L5qHQRSwbQ5-D_s5ZFzq_Y25amln7hvn6dm2hoM2dxUAIRBtyO9absefXvSvR4ryNwqpTbM8C7ucf1UmbQE-etV5NUm1OoFWwqzfcOI010LQyyLtzbxLwROjSIz8uSrtt3Mf2hVYQM-FILsNsSx2uoCn4kiqww6bSCuX3rIXW3Qpr0vaQrc8c8vXt7dFJGit5Hw82izS5rMqfkpVhp2lMrxoe5qF43mCyAsxWFgx5060_GGkb7baw8GPCjAnZmU7J1-7wfrZS_y91yXCuvuDzDpHoRXIPL1KouFnET5IEzLEAQhHMWzfXokc680AVo71cDOgLdfTaVbq6M8FsCcxdr7YRKkqfn9d7tr2jF66GQmX7VFADzGoitN4omTqhdnlwfQ1uiWRo9cjrROYti3I9nyN3_I0t-Z1Ip5snNrEAN_JSZ5LDYiATixu1Ipg7XnGCT0iP-VkDAqafDl0HLR-PUx-xCj7GNa1e-x_Ldj2J8ac5J5Edel-9-1rcsOEILIihnyVeP6ZwkPcMYq0CGqDgEfyuIeLjWd_dtmEtV38UaZYDXWMJw42_Uk9u6ng7NE0Wtu6rnmfQ7Mqn2iBJhhQV8Hqk4hABxxK8zQTUkIYdnBDjjSpVVYxQ8BgopOrT7X_14lS5MDJ3dIDN_bRaXmmF4ir2PNen1ARwdMUWqunJmlIYnAhtEa1eu2tCXqfU4LLICWKM9bQyIF6osUgBrCImy2wWhN8FpQUmpp49xv8LXZyX0vNfowaUOYbXkKzaMUhngl5OCtewUB0RYMEj8VQ6N2KTJgvsI0_TZZjeX0xakXpPrcjJgIpCn1PGM9FrTUZ4LQyOrEn1CxsO1R1kbftQA-CJfNLUethQGG3-fGVX85vndwlavxbVpCPBgwKVT-PeKYpjPEaWKXkAUmiVVj0MCNYIMvoCSZnP5tid8HJpQe0PZGM1IuejkmxA0AvmTMUEsHgTzBmPXZJJ0apGPmvbE4iY8PAn8G8V76TNsfT6kTEo3YqD8Hx72k-AXr5oyI_7YRrXbE76wYPyAoaM62qTnFVIY8H1Qp1Z5gxSDbzupZt67b83wJ4OikAAiGTDFDRZTWhEz5gqqklKngtb1DHNhBL158Z-jqd8QOrRrtHEHS4elF40IaCLfGWpDVeGfzQzvWom_ptBKVd_xRGzb14ZzLDII4hrj_UJrtyVexXFUImPX1wf8zRE3DhpQe3FgmQ7gl1UQZQvFVXpmQmtx2HLnPTDnj2_a4rxs36vGtdItbLQ5ZCy7OklcbEU5UlIjUJuizVKNG492l0ok1XgH2OrPvcjjwWB877GxKR-ZP9LZxiCAHXKnL9YxKt6v1HpmLuCxq-N-2-mpVvmVm4Fzmo1P_PGjvw6SIUF_2A526qKqO9HlWUHl3CWKp09b6P-QSd2R6ZCHf7uZBmC9G_fhpLLuyPi7CvJrDjBsEIq4Iqg_Mbe3A5aSjdJ5wpyCiMnl6g6ysBUI5Er0isJyHSGT9qeAMz99SUwC1HdwSP62v9_9Zd8y-47jbBpqjVoyx-JTQGpU0K_X3wBuf9AcnA546VmK2KE8HU5oO9qXayEgda7WA7o1FUledCTczlD0AOU3sYqbqxE0G7xdvTMkoGgrHBwLuS2pGDwDCkOItwB2FQgrZc_3amZu3C5jjiVekaKikZZdYn2sAcqfnCo7Ft0A2tnif0ZohuXlBdHgUhFLBJSG7oT_6wVEPoIUaevBHMuQ8-1SM8nLfPM2zMoBO2CmWitBm7Ha04SwKoNaPztUVxvAWgjIXuvIB-V5paEz0tvQ9OrgsbuaLvTT4EBg3IKEWjOTxQCl0EjlMGWgv8fThR7ZhIHio5F8042sCtrSMd0UCUoILI9_XXEXoBBpzDwfyfe4ObQf1E7Qw-KGAztFrEUhCskaFHbTIE2Ilw-e5ttaRBs_PBygU6CQgfZvYCaJc_3uOdwf_UvfzGd50aTaFlYgaT4wA-MvSJvw7Yl64s6rutvQwo8rLY5Mq5a8Cr2bm_CbSy5AZi9HKa4wiXispsIf0uLPlevAuTISdmO8xb22v7IH8IauliQwMzrEtzxcmho2T5QtoqkAxoLCKV1MHMx0H7qULTdDB9NBgQi2AOsYpG&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsitchu.com.au%2F&ds=l&xdt=1&iif=1&cor=17662260213385329000&adk=3037181501&idt=172&cac=0&dtd=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 96CF 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLRHMPKsRu9vlEx9FaW-puEhFkp7mJw3UKmdaJzfPqaCbeqzCkq8ZWTmh7YDcIq7Yd116dsSofJXeX2t4s2WTFkxGQCOJk9kWqyzjvqgPjsZNWZGa_ylrssseaPD4BLWGken-4gA4-2uqqf9pZRqAbWxDcNz7s65zf2hSSbX3iKhrLI0s&dbm_d=AKAmf-DWWZv2jDIv-fhkbZkwN3PxXrtscf4pxXOHkZQ_iMkoBPlxnQVBf58BZaZKBGQXBOZGkmzBKQzqpA3pvoRd563PPFIG74r6oskAhFyEvd5Arr_w4K7P9I6oUG9DTe-oOKUgmJpJ9R7jmIKyQKrPL4p44Q_vnx_n1nH9gz89ZGewj8mxlt_yt0na01Qc8eEKPZkggXhCX3dhkEGWI5ztfUgQ1cOUeUIA7OOISWcusa-Ane_rwbwCgT2dv7CXoDvt3FwMV_8CB5y3uirWBXSevfsAMH2lyvGPdM52FIKMZtXdIU5dZ-dLRKxzbgpEhmL7_CTv00l5OxbCRR9gjY-R1HxAqaTQOmRKWJ0w9qh4Obyk1Wzq9Vl_p53cUJfENftZpi03nWtr9L5NUkWPYjqXaPm4BzZC4vnCK9TgZK-9i0CuIvS1Df5zLEqoPDTYUUxg1x9DpFTN9TMOQzvP7h81LFPNjaJ6NDKRt7Oftj6P4iUNauOouVMPRA07Kxy00YQOF7Pvgfv5Elj_WS7NFEecBBBlRk-vnyJ0wE2JBHcrl-4dl7RmLlw9480r5QKokU0J079MoZLkI-3ggn7c2qOJ60kI1LAmFEo7PdrGvrN1DMdmYuzoCIeieMClLqRJFtqDkk41bX8QqB0OzqBEDzTY4qzpNEKYHO0-u-v8qZmSezVqmgCu_vuTl43ISiYeMfCVQDPDv0RVt3KbPVZi5FNTOX_6kh9H89YTae3r8A-gtJ1dx-P2SBxCDNaHoKq-qGUCctrfTQ7uykYvfe6je4tXF0bgO92RCz6FAIXPGTuU7hPIEwolSrctQzOA3AKUIZ8xNeJIJDrqtkREwn9C06ZqZac7TlOEDh4oPbGLwDbpkqy4LAp_b6dVBDF-jaOPP-GQFOHDbodcZ-zoEQ1JIySvPsVhF0RH3nQeYhCHRVjjQ4WSjfZro8M8-hK8m8_ZbNa3YyJ7iZK2HnPdnKeanwAxu0Hv-tEF_RN3B_UjND68zvADO7xrHbwYCduWOI5uPwAm6PGLmqA9XZdj_5BwjcOAQ6Sxd4fKn6UOt3UMTF34e5uU4b796IUaAyEjkAP7QlxZCLKmM_TfJ8-iA6ZQsIwCBmMiUeGILm8smoIG3m20eWjJ61wDtLNV2tnq8j-IWjnDnFPrXSv1cmhsPhNBd0yVuLzVptaPtMU3j_YtkGCbYVSG-LS8qptUvWQ3K-XQINygLLVDUuujz3gM_5rYnQVWTswJM1jnmhHZ80VPpltOW_GWNRtJV6Tw8QLkkVrM7lZXNMfrbzSa8YSTdHFLqiVujgev7kNFuxdOaYC2OtAkyoSngwi28jSseXzyN3aTa5IklIpey_25dnHr4xBIrIJPXfuKo-4AM41hUABQOM38nFDQccOiqjZSXbsl3_puPwGFTebLTcg9I_7k84ODVeLrfbTCnGN2NzEO3pHND4MdP6kadixhyLOTFXy8GBQXr0QxTtMkZu0LtQ-JvLN5sRCst5fATAFGEnZuFEztLbevKK0KYgz8HO-hd9tWPHQLNVNNY83NbBH-Uh8qYYSEie7GCS1fhnI3KXDfqPPGvJPlKEr8-2n2AWGSSdcAX2C5nAsItUHkYWykEBD4otWxqqunztVy4lw4ZWeb0aDqeFlqmLlQ2OHBgP_kDRU2NGh_OIcIz0w7MAr2jX_GS4iooIvAJJc50bzjviN772iAN4ilvTpcfdXkLQx82Xx1OLNDSDTZ3RlmcnF-L5qHQRSwbQ5-D_s5ZFzq_Y25amln7hvn6dm2hoM2dxUAIRBtyO9absefXvSvR4ryNwqpTbM8C7ucf1UmbQE-etV5NUm1OoFWwqzfcOI010LQyyLtzbxLwROjSIz8uSrtt3Mf2hVYQM-FILsNsSx2uoCn4kiqww6bSCuX3rIXW3Qpr0vaQrc8c8vXt7dFJGit5Hw82izS5rMqfkpVhp2lMrxoe5qF43mCyAsxWFgx5060_GGkb7baw8GPCjAnZmU7J1-7wfrZS_y91yXCuvuDzDpHoRXIPL1KouFnET5IEzLEAQhHMWzfXokc680AVo71cDOgLdfTaVbq6M8FsCcxdr7YRKkqfn9d7tr2jF66GQmX7VFADzGoitN4omTqhdnlwfQ1uiWRo9cjrROYti3I9nyN3_I0t-Z1Ip5snNrEAN_JSZ5LDYiATixu1Ipg7XnGCT0iP-VkDAqafDl0HLR-PUx-xCj7GNa1e-x_Ldj2J8ac5J5Edel-9-1rcsOEILIihnyVeP6ZwkPcMYq0CGqDgEfyuIeLjWd_dtmEtV38UaZYDXWMJw42_Uk9u6ng7NE0Wtu6rnmfQ7Mqn2iBJhhQV8Hqk4hABxxK8zQTUkIYdnBDjjSpVVYxQ8BgopOrT7X_14lS5MDJ3dIDN_bRaXmmF4ir2PNen1ARwdMUWqunJmlIYnAhtEa1eu2tCXqfU4LLICWKM9bQyIF6osUgBrCImy2wWhN8FpQUmpp49xv8LXZyX0vNfowaUOYbXkKzaMUhngl5OCtewUB0RYMEj8VQ6N2KTJgvsI0_TZZjeX0xakXpPrcjJgIpCn1PGM9FrTUZ4LQyOrEn1CxsO1R1kbftQA-CJfNLUethQGG3-fGVX85vndwlavxbVpCPBgwKVT-PeKYpjPEaWKXkAUmiVVj0MCNYIMvoCSZnP5tid8HJpQe0PZGM1IuejkmxA0AvmTMUEsHgTzBmPXZJJ0apGPmvbE4iY8PAn8G8V76TNsfT6kTEo3YqD8Hx72k-AXr5oyI_7YRrXbE76wYPyAoaM62qTnFVIY8H1Qp1Z5gxSDbzupZt67b83wJ4OikAAiGTDFDRZTWhEz5gqqklKngtb1DHNhBL158Z-jqd8QOrRrtHEHS4elF40IaCLfGWpDVeGfzQzvWom_ptBKVd_xRGzb14ZzLDII4hrj_UJrtyVexXFUImPX1wf8zRE3DhpQe3FgmQ7gl1UQZQvFVXpmQmtx2HLnPTDnj2_a4rxs36vGtdItbLQ5ZCy7OklcbEU5UlIjUJuizVKNG492l0ok1XgH2OrPvcjjwWB877GxKR-ZP9LZxiCAHXKnL9YxKt6v1HpmLuCxq-N-2-mpVvmVm4Fzmo1P_PGjvw6SIUF_2A526qKqO9HlWUHl3CWKp09b6P-QSd2R6ZCHf7uZBmC9G_fhpLLuyPi7CvJrDjBsEIq4Iqg_Mbe3A5aSjdJ5wpyCiMnl6g6ysBUI5Er0isJyHSGT9qeAMz99SUwC1HdwSP62v9_9Zd8y-47jbBpqjVoyx-JTQGpU0K_X3wBuf9AcnA546VmK2KE8HU5oO9qXayEgda7WA7o1FUledCTczlD0AOU3sYqbqxE0G7xdvTMkoGgrHBwLuS2pGDwDCkOItwB2FQgrZc_3amZu3C5jjiVekaKikZZdYn2sAcqfnCo7Ft0A2tnif0ZohuXlBdHgUhFLBJSG7oT_6wVEPoIUaevBHMuQ8-1SM8nLfPM2zMoBO2CmWitBm7Ha04SwKoNaPztUVxvAWgjIXuvIB-V5paEz0tvQ9OrgsbuaLvTT4EBg3IKEWjOTxQCl0EjlMGWgv8fThR7ZhIHio5F8042sCtrSMd0UCUoILI9_XXEXoBBpzDwfyfe4ObQf1E7Qw-KGAztFrEUhCskaFHbTIE2Ilw-e5ttaRBs_PBygU6CQgfZvYCaJc_3uOdwf_UvfzGd50aTaFlYgaT4wA-MvSJvw7Yl64s6rutvQwo8rLY5Mq5a8Cr2bm_CbSy5AZi9HKa4wiXispsIf0uLPlevAuTISdmO8xb22v7IH8IauliQwMzrEtzxcmho2T5QtoqkAxoLCKV1MHMx0H7qULTdDB9NBgQi2AOsYpG&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsitchu.com.au%2F&ds=l&xdt=1&iif=1&cor=17662260213385329000&adk=3037181501&idt=172&cac=0&dtd=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:53:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
227849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:53:41 GMT
16808197511023290053
s0.2mdn.net/simgad/ Frame 96CF 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16808197511023290053
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59e2a9cfe376bad82a6c11e2cad296a51950fe7a1342723d4766e6b02431f0f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 27 Jan 2025 07:31:07 GMT
date
Sun, 28 Jan 2024 07:31:07 GMT
x-content-type-options
nosniff
age
6004
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15388
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 07:40:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame A94B 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc005d3b13a64f4cf4e396591d296112ec15827ffacf6c4dce6d65196d92f3d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C02D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
71013
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 13:27:37 GMT
etag
48472445140208031
expires
Sun, 28 Jan 2024 13:27:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 1761 		1 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=329167520&ord=2005971948
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-24.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 14:54:27 GMT
content-encoding
gzip
via
1.1 8aad346c495a4d92f652a000a22d62fa.cloudfront.net (CloudFront)
last-modified
Fri, 20 Dec 2019 13:03:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C2
age
69881
etag
W/"9748fb959a7ee41d8aebb52473ace3d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
YAmF-T1miU0-jNvaExcg_oU9kHBWmYWM4z_aibES2iR7Dr4rQhFUqg==
index.html
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 7B0B 		209 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d101801c1f9fdd8dddd032ea43c62fe911ddc06914c77ac8928b603f34c2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:11 GMT
expires
Mon, 27 Jan 2025 09:11:11 GMT
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 1761 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssRCeJ4YxK59_gelpnlLqR2uDBn1wjOZALozUVSLLd7784GnLHlgiJJU_4Um78BhqWTc_U2AXcSx7qkPMPYb_qQKdQvQdSFgMOeDUcn741bPsf5Gspd1kq5FDxw9TmbOCfCuO6JuDDgUhnX8BKe0Lp0Foyq3asB4dmXWke-ucWaJbbzdOpmYMAyStT0ZrtjtJSFkxhXvFTpqo07ifsZpTLx5OvYxOultTa9dBJ8tXSrTNOXcTFkX__8QhGr3cHqou1vmGVHQpgfBN5GaVR97kS7E7iSYGVGUsrR9Mtaq7SE9nU2t0QpMObbQ6mD90AhjadBKDO7PLI6lWyFMXFTSNCOPnogj13RlTSFPn84JClUQayFV7oUi0hHQrq4rlUykoKVTaFgH_VclYcvpUB3kE-WknaRELuYtUd2s_xwqz0CAIkYyiFfXuSYUCDyDx-N22jeJT3t8RE5KjUsUyFPHBBW5E50xxhByOr_8vzB4eGNvFbotxMiiwS_U4quAwyafVKtloGd26Sp1DhtVzUvsel5IL9fY-O8VfD_hF4i7GkEpwmnGVdoRcEL_jfeyCtJSbZ4Fi9iYRCulXPAS12wrCAeMocVtz05bLH5K8ya_GC5yVJzMD9P5IHbAgNhSbYUa_3-Ty0YsYcXtLCHJWtABTzfiVESY-u4EpFbl7fkrPrDKqO8IbxEPI29D2a5a2_K6mhS2zbrEDhJOYJIdiPM8477nKXlZAo1o22p6Kwl9_WoFMd_pMlO6r3wdvtn7YbCvBBoch8SUQ5Wknomf9JJtsnVSbtLZQ-Z-oJolUmPYAsGKfVXRdN8PVhurCMvI_bJ212SSZjiqYw4aoyz9mfts6TjLbhyOMGUCtt7EcM6tdCLMFODrrvKHuso8p8jJ7_x65Fp6K1U01cWf4uhoGgYmk4-kkMbt01uELK7JJG2GaY2ZPuHiuQz2Najxe0o0KCqx8ECzXxOjmN5HC81Ro5iv8xxwkP8AzE_900SpPqmL3KSoQPtilXoCQ62tu6pQ8033JnLX-nfm8uAwYBZH61SE__1Te6x7ppMXxIYhCS3o1LxgLjdtschzWjHJWG6fdDfJx0j7fHz9IIyS4J5wL3zUS9wKAvj6efR3wC9ME9k4AKGRIgZZZp5dAXGrx6nEqmahFFpXDIKC3Mjv3IRGPy7HOgVN90YC1Bso25YSnoAlyZW1z5aEIaognJe2QnoTol5pudHT1SS_oeMHiZ9VE7F4hKAP3hXGUPVdpi7OKCgZOx3AXE5YLzq0caSah6ZVy7NUJvXV40emigAPuXwYEqhEhy4E0w6dqmqUQ4O00F5KUghxKU2qjqJCHy3w5FLxFICR9iocosBN4AD1_VGq7rjZwzuKJsj9Axbljh1rK_ti1B9gL_D3ZBhBRVA-wpPrwYoHge4pNJiiXDNsVtbQa5X_-mrU1K4HEttl4HojFC0MCyUvGQobFwSiNmILu4FViqHzOkJ3jsMNmxeXqZC83_baj1y-9OkIOdLN7Ey7gbGcnzVNGOJ47kraLOCIymnzak0-mLDDMVksXO4aERXxryhQOhjJyUoSLaCvAexAUDLtpNJL58EP8sryVh-z4og9w&sai=AMfl-YTws4lvXByQIaIAeLESowJM75u1RMcgC8Q-Lz3D5NcVq0XmpMVACAyPZ6lsUeLCandN1lZ_QUU4GrdQOsgerCiqGWb9Ru2BUBmn5-uWzppmKNf30mQ-Nnj72hHql_HeXLUg5QSyZJh9SAuiagJvA8tjZ0SZhS6TTpM3YdCRFbiSWFY9DLHGgGZshG6SrFBh1aKdbD0UDNT-1HJIuEmlLVSyNNhMzqq5nuQcsvzez_i03PAlKjM5HOqGZ31V9ePlXJ285b_eV0OVJuzl4S7rzDgiREcyoUHeYOyjaNrdSNSdQcUMc0u_C0oAqV4Qq0sOkZb9qXXsax-SKthVKkiwroCczdQ4x04H3PTuU8mikLHsJd-uF_lWGIPz0840GcZbNVOl3WSgPOr_mPi6ObBKqoxiz5fiympXTG_tlxfl3U_XAsBD5TU&sig=Cg0ArKJSzB7ji40Ka91QEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=705&cbvp=1&cstd=696&cisv=r20240122.91543&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 28 Jan 2024 09:11:11 GMT
n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame A94B 		1 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=329167514&ord=200008018
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-24.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 14:54:27 GMT
content-encoding
gzip
via
1.1 8aad346c495a4d92f652a000a22d62fa.cloudfront.net (CloudFront)
last-modified
Fri, 20 Dec 2019 13:03:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C2
age
69881
etag
W/"9748fb959a7ee41d8aebb52473ace3d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ZQ3lmfK7lgOnecYVajd4A8Z4FuW3U3spbRTJ7Cg18RUseNO9qqbcFg==
index.html
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F57A 		211 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e59336afb66547cc153b095bcc84b5451a5245fca489232bb29602ba84b6a72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:11 GMT
expires
Mon, 27 Jan 2025 09:11:11 GMT
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame A94B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssICHld1mvCK_HRi0-BLQOfj_8reMzT86Ni8HsXh6akAKpmVvh69oI3meAnZVwGRCGUl1IIGJp0JA4Jf6-NuX4p-IOKVlF3whr9P1E6YExlBLacIqrLXn4PrI-DsHtUKgc7_o2wt5E_gTKIBCHlIf96FqhdnCmlH3ykCKNvRuHT25bghMfCin-jXRrlqybaUwFipuXOh-nqGWTzkXpfupqZ1aUVwiUEQ5YzrsWhfSivDkZZOE5c5g_46giomnstN-gfWgOhsP9wMYn59b4dw2gwqhxAOOOkGGQpZwEszjcF8Qn0cqA0u0298YbhUDctWJfu7WdF4t8TFbClijrAqmPFmMF683j_0E6j8Nnl2gtozvs_xiwigIh4QTV8KNv8bFWnuCLtDQ5m4_qiMo_RRZg5k9XNy-T10JyoxlNifAun-sbawTF-veqqPopCmCWJk1LuIFcO1SCxcPrDKr36MEgOAQ0pxTFAUPbWPkHJn9PXNUaIO9i0UclyznoyBTRFzhNrnXZs3tf2qoTf52oBMSTVtOHCNQ1QAVkbnweiACC_I_ZrBy_pxzn8NRluPaZyCxopRkelKl2inAzRjQhUQx3eHZDAViNhmKFyPJnIOfY9fukRC1gNL0NWXw502qbhBIjVpnGWAYechQb3OAkKuxkeupj1eHzvAQDpNJ3l1H50bv_OTM_cl8Z66p8SLseJS6tvTCyxq-NfyX0twCfAAYccVOxpqMJ3DDbZEdgPTocGaJadxZrbG3ss6f2yDHDWGK8_p_l_0XjZtAVq4tWdwsRgbz-TTQs7gspg_kFiHy-WQ9bGHKeupLM0nVJbXcwmTHSpTYk7pvuFyets-x_4ZK60wt2o3je0OTujYrB7FwOlNm3erdQ8Da4Uq6gt9JWBUDvY4-BZa5m6JNqVPy5Y_ox8GL6yGrtjCR86RztgNFa-NKLjW0icVUjHSgIjTQF3iQRqqNEtqTHbfv4m3gEe4muqttOQqbW9cn64zZ8vmexoqmO_byWaUVXNMTJB0CnSQ4cCwBo8En--yKLtPKtEDawRHDqITybeaaRqcK3bsSTAcE6IpKcnupeZKCVNnHskICU025EOlu-oAResvz1dHXV0ZPwQFtCVzAAM9KaJu4qjyC9dI-XT7PM2B5AjxywY6R9TKFc1Sgo9FHuOgXvtObHqCfFjxpKtjBdE0NBoaWmRW8Iwjf3TcdkXP9KbgbP56dQWtmm79egJcIKWK5A7CxP-6NDjDBu03wpgM2b0JzkCc3jth4F38NcGFI2ju6sx4ogUEwzx0Plydbu4dK6EakQ2z8NB47lYgNQyw9bFDKhg3Qffzawyrw7XzFkTR7brvPSdtjcfL4yqqrCLB17CXVHLRTfV5ZE8cQk73_B8GBm7jgzYWN7i76jUE2KPpoFuF62wtutIRd5zp2XzUiia3U3VTYfrtkykfhyrVnB1f_CyE0sCcFFi8h0tkSEKLE1ZCXE9QaC6NkLMIWvPeANKbchpGgp-umRhT-iwoDadjs3nuNBgTfaTAw4NvmakNJWv8U0A8riXjaPIkhcekyD2q2DKroC0ZPxlFmVRIWzsIOz7BatA7WFs5L_h8-VXBUtdvO8&sai=AMfl-YQ8XHjAgNSl80fntwKe2b6JvFG5p31BMN7IsnXZesDWH26bVfF5E8PPJRCriS9kcUEI7Dzo07mu4N70ZFWHqTNRbdfvLHgzdf6oDxAKH-D4loSjuW5on2Cf_8eTQPJUVeEv1UxFrJdQ6B17XKdidrZksMpY9qLQ8rFBDUSxFo6u4cb2cp0ryeEmLAUem4T2GPSFYv-TEnJrA_nb8p83n4O217LMQOiAkfMRn6qm8MorxksqSXnRzBRDinb5ESDjTTl7o5rWE34GRDmukebOI1mdeGjw6HDgDlEds9c3PtfGfWcwvNBtN0poqMJeWW77IxW64XGmVmJSV8VOxFZeiWXOPp9sDKxN3HzHSrYtKwsBt4U6rya-O0YI2yg93F546yWcRZOmIzO6IMDlBNOEU_2LlHD2MiZxPfzpExeKB2r3dk8TnqE&sig=Cg0ArKJSzHIgdUxXQSWgEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=680&cbvp=1&cstd=673&cisv=r20240122.91097&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7827 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhxJg5q_X3txz8FsiE5vvd4EYozkwcIa-HlNOZDL1kFUHlV942n9kr1Gw_RF5SxGmE-GVxyHDCZ4-EckwSK9U2gmp5nh7CDhZvHSepbRDXPCzoEXLzcXOCWnznQB1uTbgEugcqaZPaS2PCpwcGuLQZb9YD&sig=Cg0ArKJSzKmODrNAydJlEAE&id=lidar2&mcvt=1039&p=19,0,20,1&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20240123&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=108572345&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706433069304&rpt=535&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 96CF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1494fc9c9b96b642fc5080a6d4cf1c67f756f2d39f572e8bec11f85f50816300

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7872 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93c5f44f6a03bd25863a6c4926d13cc937cbf029959de321611c74558b83686e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 09E4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
229193
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 17:31:17 GMT
expires
Fri, 24 Jan 2025 17:31:17 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2DC0 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
229193
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 17:31:17 GMT
expires
Fri, 24 Jan 2025 17:31:17 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7872 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 03:19:06 GMT
x-content-type-options
nosniff
age
21125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Jan 2025 03:19:06 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7872 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:51:16 GMT
x-content-type-options
nosniff
age
292795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 23:51:16 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7872 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:44:44 GMT
x-content-type-options
nosniff
age
293187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 23:44:44 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CE4lWLRq2Zdv4EqGqwNYP04OPmAH4v4_xb5vnutmvEd_6taLbAhABIMPKnZoBYH2gAc_KxuMoyAEJqQJdTekvvg-mPuACAKgDAcgDywSqBKQCT9Ay6L5b7Uu6DqhkNJFVfbo5EBL1g6jjX1XlN0n_ZiUHsjGhLWkiMiZ87gqqZjM-h2ti0OaZn5wwhuNArsQpulsyK7DiXvzrUOJC0W13cMYgNjTNer4EI7TlfcZadWRO_ah-EFmE3rlBreWc0InsNhj2gmxggm-LSXIUnoq1jX-mZCuIPRSNUNmKzz1-_pzMnibmuCHMCxdmI57PvGU64lTPo9ANYcD5nUH5qS-qC9EKyzrerJtviyJeheKFeDTdhX6YxP9ZhqQej2-K522ojbEJfU288abXVqEc7P6Q_0twKS3TA5CGDpjIyAM0w4DazeEauKCG1O5VOJGAFSiyHsKnqP11QE7vMkyUQtzqFi606WGsl3MoOqQhlKvnjHbSLC6yGcAEgIjhtr0E4AQBiAW3vN7ISpIFBAgEGAGSBQQIBRgEoAYugAfPgpfDA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIytN9IIHwiAYRABGB0yAooCOgSAQIBASL39wTpYrJS1x97_gwOaCRZodHRwczovL291dGJhY2suY29tLmF1gAoDyAsBogwIKgYKBKy6sQLaDBEKCxCQ-r_74KLggaUBEgIBA-INEwjd4rXH3v-DAxUhFdAEHdPBAxO4E-QD2BMN0BUBmBYBgBcBshceChwIABIUcHViLTUzNTU5NTg2NjIyMzA3NjIYndltshgEEgKmUQ&sigh=iZZleCKAt88&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&template_id=484&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 28 Jan 2024 09:11:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 7872
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CE4lWLRq2Zdv4EqGqwNYP04OPmAH4v4_xb5vnutmvEd_6taLbAhABIMPKnZoBYH2gAc_KxuMoyAEJqQJdTekvvg-mPuACAKgDAcgDywSqBKQCT9Ay6L5b7Uu6DqhkNJFVfbo5EBL1g6jj...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x25d2ea302bcf66670000000000000000%22,%222%22:%220xdf05d4b4e87c0c860000000000000000%22,%223%22:%220x43aa3f...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x25d2ea302bcf66670000000000000000%22,%222%22:%220xdf05d4b4e87c0c860000000000000000%22,%223%22:%220x43aa3f836c95d8cb0000000000000000%22,%224%22:%220x8ab72981e81ad2c0000000000000000%22,%225%22:%220xd117e652e8c427ba0000000000000000%22},%22debug_key%22:%223079420758063844295%22,%22debug_reporting%22:true,%22destination%22:%22https://outback.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210946192719%22],%2222%22:[%22true%22],%224%22:[%2201-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216672606508332256737%22}&andc=true
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:12 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x25d2ea302bcf66670000000000000000","2":"0xdf05d4b4e87c0c860000000000000000","3":"0x43aa3f836c95d8cb0000000000000000","4":"0x8ab72981e81ad2c0000000000000000","5":"0xd117e652e8c427ba0000000000000000"},"debug_key":"3079420758063844295","debug_reporting":true,"destination":"https://outback.com.au","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10946192719"],"22":["true"],"4":["01-28"],"6":["true"]},"priority":"500","source_event_id":"16672606508332256737"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 28 Jan 2024 09:11:12 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x25d2ea302bcf66670000000000000000","2":"0xdf05d4b4e87c0c860000000000000000","3":"0x43aa3f836c95d8cb0000000000000000","4":"0x8ab72981e81ad2c0000000000000000","5":"0xd117e652e8c427ba0000000000000000"},"debug_key":"3079420758063844295","debug_reporting":true,"destination":"https://outback.com.au","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10946192719"],"22":["true"],"4":["01-28"],"6":["true"]},"priority":"500","source_event_id":"16672606508332256737"}&andc=true
access-control-allow-origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A1A4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
229193
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jan 2024 17:31:17 GMT
expires
Fri, 24 Jan 2025 17:31:17 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 207D 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 23:41:37 GMT
x-content-type-options
nosniff
age
293374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 23:41:37 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct4K5LRq2Zd74EqGqwNYP04OPmAH2zszJdY3FverdEZyMspSPDBABIMPKnZoBYH2gAdL4y-IDyAEB4AIAqAMByAPLBKoEoQJP0OHWavws0VZ0PZzSDal0UQSkQ6FzdyOGx7bllBzebu7Dh5agTRe-ClG9LS4gBHxv-kGWQY7V07clvDKZ9YngHKR7t9tPkrDWE-3qqIyvlnNmymTD80uoJ9ufjkTk040yGvzM-SN2TCiCvDPAV-l9qgVjsV2FXg7ywoXoFf1U1wyylEFd19pkKXTk5w9FbRsbcBs-pMXiS_L7Fg3-N3zXcKwWdyLw_2XbEViMCKzL5JZlEBDdq5-2AdZzDHxGg9XNjUvQIaDVDiXjvnmTVpGzAS1-sFiJ77qncRhzHBlOjTFtLrvBoqFqDMhTmBcykML1NqjafcZdpQIkIoc4UVkkgVa6XBOFsRcn_E8nluy9yrIca-kPOtI20QkW4YgyoBfIwAT23v_olwLgBAGIBcCH97EHgAeBiNZDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQiuoJ0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlislLXH3v-DA5oJKmh0dHBzOi8vd3d3LnNxdWFyZXNwYWNlLmNvbS93ZWJzaXRlLWRlc2lnboAKA8gLAaIMCCoGCgSsurEC2gwRCgsQsLrmh9zg8oz-ARICAQPiDRMI4OK1x97_gwMVIRXQBB3TwQMT2BMD0BUBgBcBshceChwIABIUcHViLTUzNTU5NTg2NjIyMzA3NjIYndltshgEEgLlWQ&sigh=KF0N376NWeI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 28 Jan 2024 09:11:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 207D
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct4K5LRq2Zd74EqGqwNYP04OPmAH2zszJdY3FverdEZyMspSPDBABIMPKnZoBYH2gAdL4y-IDyAEB4AIAqAMByAPLBKoEoQJP0OHWavws0VZ0PZzSDal0UQSkQ6FzdyOGx7bllBzebu7D...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd71e2e06a0a3bae40000000000000000%22,%222%22:%220x495f9081b59de4050000000000000000%22,%223%22:%220xe26fe7...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd71e2e06a0a3bae40000000000000000%22,%222%22:%220x495f9081b59de4050000000000000000%22,%223%22:%220xe26fe75ed11a16e0000000000000000%22,%224%22:%220xcf13476ffee7f4a60000000000000000%22,%225%22:%220x2239317df4eac5e50000000000000000%22},%22debug_key%22:%22821361876680081040%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2201-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224241134925273962801%22}&andc=true
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H3
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:12 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xd71e2e06a0a3bae40000000000000000","2":"0x495f9081b59de4050000000000000000","3":"0xe26fe75ed11a16e0000000000000000","4":"0xcf13476ffee7f4a60000000000000000","5":"0x2239317df4eac5e50000000000000000"},"debug_key":"821361876680081040","debug_reporting":true,"destination":"https://squarespace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1012071506"],"22":["true"],"4":["01-28"],"6":["true"]},"priority":"500","source_event_id":"4241134925273962801"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 28 Jan 2024 09:11:12 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xd71e2e06a0a3bae40000000000000000","2":"0x495f9081b59de4050000000000000000","3":"0xe26fe75ed11a16e0000000000000000","4":"0xcf13476ffee7f4a60000000000000000","5":"0x2239317df4eac5e50000000000000000"},"debug_key":"821361876680081040","debug_reporting":true,"destination":"https://squarespace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1012071506"],"22":["true"],"4":["01-28"],"6":["true"]},"priority":"500","source_event_id":"4241134925273962801"}&andc=true
access-control-allow-origin
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
B29069693.375475082;dc_pre=CLfMqcje_4MDFdcKaAgdqCEI-Q;dc_trk_aid=566519856;dc_trk_cid=198156616;ord=1573770332;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 207D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375475082;dc_trk_aid=566519856;dc_trk_cid=198156616;ord=1573770332;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr...
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375475082;dc_pre=CLfMqcje_4MDFdcKaAgdqCEI-Q;dc_trk_aid=566519856;dc_trk_cid=198156616;ord=1573770332;dc_lat=;dc_rdid=;tag_for_ch...
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375475082;dc_pre=CLfMqcje_4MDFdcKaAgdqCEI-Q;dc_trk_aid=566519856;dc_trk_cid=198156616;ord=1573770332;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H2
Server
172.253.62.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.375475082;dc_pre=CLfMqcje_4MDFdcKaAgdqCEI-Q;dc_trk_aid=566519856;dc_trk_cid=198156616;ord=1573770332;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame D279 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:48:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
156188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 13:48:03 GMT
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 6289 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:48:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
156188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 13:48:03 GMT
pixel
cm.g.doubleclick.net/ Frame C02D
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFhI3aUwOVJZhhNECOOYMS0&google_cver=1&google_push=AXcoOmSc1Q0Or3wW4E8PDLj6dTh6v2Q4_je1RRR8C5rhHsG19AlO5X7l7z9M-bXS3VFVkO5z0oONS...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSc1Q0Or3wW4E8PDLj6dTh6v2Q4_je1RRR8C5rhHsG19AlO5X7l7z9M-bXS3VFVkO5z0oONSaClF2HGIemTLbq3rXpSfyQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSc1Q0Or3wW4E8PDLj6dTh6v2Q4_je1RRR8C5rhHsG19AlO5X7l7z9M-bXS3VFVkO5z0oONSaClF2HGIemTLbq3rXpSfyQ
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 28 Jan 2024 09:11:10 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: ECF2F804293B4F6F8CB9E77390009723 Ref B: YTO01EDGE0409 Ref C: 2024-01-28T09:11:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmSc1Q0Or3wW4E8PDLj6dTh6v2Q4_je1RRR8C5rhHsG19AlO5X7l7z9M-bXS3VFVkO5z0oONSaClF2HGIemTLbq3rXpSfyQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAYP/ekIVm7GcWoaemXO5Q==
asr
aid.send.microad.jp/g/ Frame C02D 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEN99oDKp-iL0rXlBE5uJNpk&google_cver=1&google_push=AXcoOmSfCOr8HUnpptK6oLS0EqFwq7_VrmfdKTxU4SHrvTmNLfyDzGNCE9ynUoZVs98B6bUZGk0qAub0m0Yk_rZCKfUKYQe_TBs
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 09:11:11 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame C02D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFjlGn4PhLuSB6WEKi9fFCU&google_cver=1&google_push=AXcoOmTMg5SKQXrcA5uurhntwU2erN7Gck9tmYPsscbi613t-vzpw2yglTRDiZarrXfCJgkrg7Vm7DIgBGna6...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTMg5SKQXrcA5uurhntwU2erN7Gck9tmYPsscbi613t-vzpw2yglTRDiZarrXfCJgkrg7Vm7DIgBGna6UQ_bXNh7vqouQI&google_hm=N21LdmgwMWV0X3o4N3pLR...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTMg5SKQXrcA5uurhntwU2erN7Gck9tmYPsscbi613t-vzpw2yglTRDiZarrXfCJgkrg7Vm7DIgBGna6UQ_bXNh7vqouQI&google_hm=N21LdmgwMWV0X3o4N3pLRHFRbE8=
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 09:11:11 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTMg5SKQXrcA5uurhntwU2erN7Gck9tmYPsscbi613t-vzpw2yglTRDiZarrXfCJgkrg7Vm7DIgBGna6UQ_bXNh7vqouQI&google_hm=N21LdmgwMWV0X3o4N3pLRHFRbE8=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C02D
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESELyU65Fa_4iOvf5yicL_Mpo&google_cver=1&google_push=AXcoOmQUf-4Vy0X0A_ZTfSzD4Zo9WgKn5-vt2CvEmS4dStloCkFYd5XnveRmUn4zdMFnOBlvb_m7JMtnhTshIO...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmQUf-4Vy0X0A_ZTfSzD4Zo9WgKn5-vt2CvEmS4dStloCkFYd5XnveRmUn4zdMFnOBlvb_m7JMtnhTshIOLRQU-j85St9v8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmQUf-4Vy0X0A_ZTfSzD4Zo9WgKn5-vt2CvEmS4dStloCkFYd5XnveRmUn4zdMFnOBlvb_m7JMtnhTshIOLRQU-j85St9v8
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=AXcoOmQUf-4Vy0X0A_ZTfSzD4Zo9WgKn5-vt2CvEmS4dStloCkFYd5XnveRmUn4zdMFnOBlvb_m7JMtnhTshIOLRQU-j85St9v8
date
Sun, 28 Jan 2024 09:11:10 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame C02D
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHswq4xdvw0b3bDZSwLmGMw&google_cver=1&google_push=AXcoOmTZNFmu3h0acwfkdjNff2ig37XXuX4HU3201tprZ_vmqNhqALzSiPc7FBaqLhI1wrchjcG8TKrSeNhOwDgSP...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBkMjRmOGMtYmU1MC00YjNkLTk4MGQtNDY5YTUwZjE3Zjc0&google_push=AXcoOmTZNFmu3h0acwfkdjNff2ig37XXuX4HU3201tprZ_vmqNhqALzSiPc7FBaq...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBkMjRmOGMtYmU1MC00YjNkLTk4MGQtNDY5YTUwZjE3Zjc0&google_push=AXcoOmTZNFmu3h0acwfkdjNff2ig37XXuX4HU3201tprZ_vmqNhqALzSiPc7FBaqLhI1wrchjcG8TKrSeNhOwDgSPDeqZZ_Oxp8y
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBkMjRmOGMtYmU1MC00YjNkLTk4MGQtNDY5YTUwZjE3Zjc0&google_push=AXcoOmTZNFmu3h0acwfkdjNff2ig37XXuX4HU3201tprZ_vmqNhqALzSiPc7FBaqLhI1wrchjcG8TKrSeNhOwDgSPDeqZZ_Oxp8y
date
Sun, 28 Jan 2024 09:11:11 GMT
content-length
0
ggl
ads.avads.net/sync/ Frame C02D 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.avads.net/sync/ggl?google_gid=CAESECp6o_aj9hh96iecG46KeoI&google_cver=1&google_push=AXcoOmSEh2zhiHeYmV7sCviprp9_o1aYIizKgaHNOco9CKWk9cC3od1q6VpBrxvFSLNipXcTRI8FPk-NSWhY78j125LJ3BEkc2E
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.205.207.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
25.207.205.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

location
date
Sun, 28 Jan 2024 09:11:11 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
content-length
0
pixel
cm.g.doubleclick.net/ Frame C02D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmQuCgRbwJ4aV...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmQuCgRbwJ4aVPA_WexgKZ3nlQyn4N...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmQuCgRbwJ4aVPA_WexgKZ3nlQyn4N869cuM0IMYvLjh_oAARO9bTmsKjNbrrBV5iVavz46L-dUpskxfPxm3j2AyjXogEvl_
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
an-x-request-uuid
c6399286-cd96-4457-81c2-b0a4bf8af8a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzcxNTMyMjM3MjAyNjkwMTE1NQ%3D%3D&google_gid=CAESENGhqu9b3HXybWaXqoZt9T0&google_cver=1&google_push=AXcoOmQuCgRbwJ4aVPA_WexgKZ3nlQyn4N869cuM0IMYvLjh_oAARO9bTmsKjNbrrBV5iVavz46L-dUpskxfPxm3j2AyjXogEvl_
x-proxy-origin
166.0.205.4; 166.0.205.4; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C02D 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-l8JbBq5lg2iMSI51YmHPt2wOb3auDmb8YX10GJgkTj4LF4P6sKD_rX5hRO9dQVotiYIltQ_Z
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 09E4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
156647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 13:40:24 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 2DC0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
156647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 13:40:24 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame A1A4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
156647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 13:40:24 GMT
noah.min.js
bucket.cdnwebcloud.com/ Frame 1761 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/noah.min.js?1706433071257
Requested by
Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=329167520&ord=2005971948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-24.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 15:23:33 GMT
content-encoding
br
via
1.1 8aad346c495a4d92f652a000a22d62fa.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 14:02:49 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C2
age
64059
x-amz-server-side-encryption
AES256
etag
W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
iSxVYC57AsCCpshPk26QBh6YeYzjewOncoO14pQXmDrbob0gU7gpQQ==
noah.min.js
bucket.cdnwebcloud.com/ Frame A94B 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket.cdnwebcloud.com/noah.min.js?1706433071257
Requested by
Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=329167514&ord=200008018
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-24.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 15:23:33 GMT
content-encoding
br
via
1.1 8aad346c495a4d92f652a000a22d62fa.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 14:02:49 GMT
server
AmazonS3
x-amz-cf-pop
IAD66-C2
age
64059
x-amz-server-side-encryption
AES256
etag
W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
mlYYV6rr0H6DrrrOkPFABsy3kRCG-5zaxQUhb7Y90CPd1oVxSmPVPw==
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x25d2ea302bcf66670000000000000000%22,%222%22:%220xdf05d4b4e87c0c860000000000000000%22,%223%22:%220x43aa3f836c95d8cb0000000000000000%22,%224%22:%220x8ab72981e81ad2c0000000000000000%22,%225%22:%220xd117e652e8c427ba0000000000000000%22},%22debug_key%22:%223079420758063844295%22,%22debug_reporting%22:true,%22destination%22:%22https://outback.com.au%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210946192719%22],%2222%22:[%22true%22],%224%22:[%2201-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216672606508332256737%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 28 Jan 2024 09:11:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xd71e2e06a0a3bae40000000000000000%22,%222%22:%220x495f9081b59de4050000000000000000%22,%223%22:%220xe26fe75ed11a16e0000000000000000%22,%224%22:%220xcf13476ffee7f4a60000000000000000%22,%225%22:%220x2239317df4eac5e50000000000000000%22},%22debug_key%22:%22821361876680081040%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2201-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224241134925273962801%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 28 Jan 2024 09:11:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame F57A 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jan 2024 17:36:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 09E4 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIr88LRq2Zdr4EqGqwNYP04OPmAEAAAAAOAHgBAI&bg=!ZGelZyjNAAa8BdJLnAU7ADQBe5WfONSOwl7ysN_Ug3zK5KFSuxS0YwCQZRNjWkJXebUVjHZFFGzX1hgy10MUY95LGAZEAgAAAJBSAAAAA2gBBwoAV4RLofprm8kd0XBBKg9eBsB8q18JsmdxvSE05y61xaU-jzeBwIF7hkyWWMaV49h0xIq6_lB6brbGz3PPfedxt5YtvtCodXB6A3jCIgM8ykzwRSSHvoB_wJkC8w0-WoeH4_72644LDiwQ2PWg717MqOqP1VEt4pwGv4LDPXLSkYqNEkirW82JdoRdISAOlzMlfGPvlvDlT-MXw4fTpczMKg_jAjvwZrTRM5niKJkpouYyd4zn4-g6yMNLooEhsyBvs0RsGYXEtgnSoKKRdXjflZC2AQbBZArkscrHxrnXxq8vcULYrbeydUxQ2FxcBlNrQSqRffitx9GsAKSR4dDs3QnZqSN69pv3hsbALpwkRTq_JBA5cXbqZvGD0KHQ4HWN4keUoWiFVhKal-_4HNSa29Jz-TQavpLYek_HGiEoo3qKUeGT6OEeL2JphVk6EbV5_2p9O7LvefO3Sx5k-2UcyvHL2L71w_jIo3tI0w88BIvpySF6YiZXAyRnxHLdW5jCpAWDVT3ZtwF1EiE9zzZofrPVOdtGDhn6tYjLu-16sjH5UIcHhn4kuDtCNdaty8jEkffwmd4-2T03m4tIda8mp7lWdJOJ0SbnQkujHWgnexlwiIBwf1NtbtSwCjT9D2vIdRgRnsPIGakiN_Lm4oL8KupRRVvntbL4cOX7kn4-aEma6-pJwMQdCjzdHIlMXsSJ8DWDEN8rElld-YePBUF6ZwiYOSHYH6oUkQXh1pWn6CA46JynoPskdeLt9lO0B67G32_W_cuse3AqdwDULRoTaxOKkA5fmN5xW4nw_2EuTv48ucapj-yoMxhgnkRtdWEwdESv3JoALzB-Eqag_BiNPIj3PZ50sdhrTeQAstPw59P8iOwwDFPqE9rHDq9p_lVoCLAvO2b8xCvVOuoGATqLSFuTPtCn7nrXFXsyizj0NIGpMMHuqGIi6dSZVJHjCCfuMMOpuDHjuOuv5iwRKXhGlX6ovabrNsisyqwLSkNYTn7KW7tIm4myEf-f--SaNQKUodPzmvdKZf54HWpoSEXKwhJfmpqhFJSpNVzpMAcX3a_phaviKblcSWKAAc6x-Zlm8jMIs2D0QG_zpbzSAgasX-3nXVD-kiyN1D0FbP8m
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 7B0B 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jan 2024 17:36:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DC0 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BLHtgLRq2Zdn4EqGqwNYP04OPmAEAAAAAOAHgBAI&bg=!jY6ljsHNAAa8BdJLnAU7ADQBe5WfOEWg7AWcWtEIoBDGxog4Wxke1gZysYKVbiL7A5_UVtQS_s1Oy_HncWRwUwQf_T1LAgAAAJxSAAAAA2gBB5kC-32mArbedyiel0lgUdSQoqNWbCa6v05t_4gxJyiiQWfKanUhBmCXPLTryfFh6jCvuLtoAKL66vTOVwUxX9tXar4xinaE04krtmO0cHkSG32I-S-I0K4S6dNceeWHwK1EkqOnvXyyS6bwyp4ezniHTlH7Y5rsmuzMBOZH-Y1dWGNfDGMe24XILX8-g7ioF-ALApZEyfV_uFee7VzAuxKMQ876NqE-PS0kEuyetjpfnH7fzWoNUVb0eqLCDUMX0PvroX_QWEyfw8dkZA640th7DhBI3IlO98MCUnhJbwYsB4-fPsdjyrgYM8v9iDGA6EtkZIg5nbN-080nNriRKsWB6m54NoFmg5EesmAEzB5h0L9bNMArGYCxgobh8Sc9AFfiwNgeREm9FOFh3pizTtD_fXxIjla-nljUvoFzprG1OvrCBGusC58QgHtuDxum1SC7V2H1ZW4PkAVuAdwMcxfel6WRhCz_BJQM8gJMGDP0IUkXrJMtvps-ssreKal4OeatMHMP1gtyx_kO-zd1Xp-4TA7kVj2Jzb2Ur1qE-_6vu4kmgZXHyZGkwPi1yHViB2WDTZbgse6smtVgNjrMj52h7CqMjBF5u89t0L-h3rcnuDflCKX9D98WpKUzC-bxYHsBsdlbzfTOrnLsJDcP1jd5eBYQ6sKVCVbck4o0KQfHhTqqj87GZ0ASYpDWHUgK6upDjJMXMCch9xpVbUuwqrWDy0RmQIQI047Sius-WwJsC0nukMpG8ahv2qWJtVdpw2mDvQMobXwnyCAQskuUOZZWCLY5UvH4W24h7QosdumgQHWe2DLJOzFI-s_VRV1wclocYBNvsWBh29wSZKUe4XH6jIr8BYA85DZ8PljVrilXarZyrxT2Vq9kx_t6KAxIBK0rYS50HORPPh7LfDZGyVmuLE9N-1yRrB0EkLNagC1LZZ37gD5EJwguV1nfaCJUKOeuLfcD3EQRBJEACztjx8o_oN0vJrItuL2ub68F3_voI5BcdJFUL0vn-1ZMwjQ
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atp
neural40.cdnwebcloud.com/ Frame 1761 		74 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural40.cdnwebcloud.com/atp?140157453219=&n_o_aut_tc=329167520&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.179.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-179-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 28 Jan 2024 09:11:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
74
content-type
image/png
atp
neural40.cdnwebcloud.com/ Frame A94B 		74 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural40.cdnwebcloud.com/atp?997710883353=&n_o_aut_tc=329167514&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.179.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-179-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 28 Jan 2024 09:11:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
74
content-type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 96CF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHZjv8XJNdDIYCTVquZxq9sBMK9tEZYi9kwP8BKdfmOW0GzLG-qbuUP__Exu7vaUqAUEzhkfzJwl8xJDf9fBZAPHAzmjbudB2VPnnHsDv_4H1hmo4kshXo52EpmGs7ECMoLWvxPU_eIxq4XHFtVlhW3rAE0ha1eTZMV-twtQknfMXpBWzBP1l7z4nuQ8OfdnKP8HENG3ad4O7nv5jbJAuEqjwTNYt-_x46QTsDttNVxwEr_C8QziZyL0_-tj3yNCI-FU00FJe3imBimJg-fkX2DGrL52ZUoi7S22LhlSjJNHxtGwIXn9VNfCdg4THsSmbt4VMyBpmTas5k9oXhdcenfbpfzyI77iE63laajymaivM6BevdSNKG8saF9FmYG8ZFLr3wdQMHiqcDd1j4UI3gfwoCya3PCctUIM5jEge_34hr_WUbEEy-diNxO7yUaXPZZenDvQMV4ED-4iH0RQJ601XWlULKXBLl548NZnJgQGMXDpXaYQSJP0qN_4qLimAR8OPb8lrGozhR-TIi-eNhCJhGI5RAPRyVG6r3voKl5UmdzoI4jN49PVtgbkDoc8D-7q15D61KUqCkDJprCVm8Cp32OjeryPHwPeRNwIa74MIOvojmM3ud42-1tkZmLOMhqLu42fYTXMmEj74qEpQFcUzvZ3ZW_aiHCoJIWUSVW5ZhT5ZqGFtyaH6hdtMGvI9TFm7EhbD_pOHy-BdaFikKcSISfuKRYKdh8kLDgZF3to0J3rfxeqW--InC6KXpahRPW9Q1SuuESu5h_JQanAlgUQIz23rku-SDqXAO0xkgBRZXJSOP3JXrxYJsdocN11Z7GolsNgmQerY2z2gi4aXpmGppW0hkdmrHxrViEHc63qIefxTFUN39fsHtH4Dx4j7PcyjsBWbrRd6oaTdSz7YMpY9tqow1fAwlJHrIEDbZVOXYCu1_E2MOoqADJcIZwAnTFl7Kshbws28NJWXgbEdmh8A7Pu0XouD4h7JoE38VqRZMzp0ThxJ5_cfUuXaXrFlTEs3HRWiLUdgFkGc2bgcF_K04Hi6MBeuvY-M3S2tOrem2aYPubM5C1vbbcbOJmmVjyTi2Cch0aWoCdNHkhHSkLmI3PRzguDaokbCh_m99tPBBXSHTUbubH6kSpmU4CwGNEbu0mBfFXwdpLDz8-DQWD7KsWKCkOKTsISadvFYU3Mu2MZ7ijwQt9KhHuffeIdSoF9n6Yhj6gTxhfbqZ-lh1C-wE4As_rMPdUNB8V74wW8sk9O1SoLUIdEaWvtUUkaFVEHSr-mM44_DIBJZcxBKApcHvOrjXf0gpQxmoQdth-TFX1BrY-amv8ui4g8wsBdcWJuz_X4XAwAvsUmsQvbpEw_Nu_wLPo1Y_5dFW6WBJhgGsiLj3oBAUOtgoSn1PZrEhyYDr8DfzZc4WzMa4wP0_W78q225Ds0kpdDg77vIunrM3AJNT-ejIb5EcAUf3t7xeecXp3KHd8cYLRqW8pxebytzjsciB1w&sai=AMfl-YSO0tziRYg45EOfWuQve4JwSbaqohzJV5kt3XdFQLJJYnmP22ecB4Z1B__ZbYRhitCRhUCRV6mNe6h7LK9zKWzvHGfnLLFZ75FAK7vyngQmO6CfgolPKS5xhee7MdAXD9XXh4Q7ys0l1odTvlD8uidx033V9CNzgMfftxQjnqbtAkuejS4wRP-cimhZ_KxGKHEEj16OUGFj257j5T8lr5pPSW52O4QRSesm9oCxQuBBglBsKp1F2AwIzbwwVpE1rryxuVKv0UCWjgZg3VyS67bRgssa&sig=Cg0ArKJSzJ6mICk5JRu6EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=728&vt=11&dtpt=726&dett=2&cstd=0&cisv=r20240122.85647&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLRHMPKsRu9vlEx9FaW-puEhFkp7mJw3UKmdaJzfPqaCbeqzCkq8ZWTmh7YDcIq7Yd116dsSofJXeX2t4s2WTFkxGQCOJk9kWqyzjvqgPjsZNWZGa_ylrssseaPD4BLWGken-4gA4-2uqqf9pZRqAbWxDcNz7s65zf2hSSbX3iKhrLI0s&dbm_d=AKAmf-DWWZv2jDIv-fhkbZkwN3PxXrtscf4pxXOHkZQ_iMkoBPlxnQVBf58BZaZKBGQXBOZGkmzBKQzqpA3pvoRd563PPFIG74r6oskAhFyEvd5Arr_w4K7P9I6oUG9DTe-oOKUgmJpJ9R7jmIKyQKrPL4p44Q_vnx_n1nH9gz89ZGewj8mxlt_yt0na01Qc8eEKPZkggXhCX3dhkEGWI5ztfUgQ1cOUeUIA7OOISWcusa-Ane_rwbwCgT2dv7CXoDvt3FwMV_8CB5y3uirWBXSevfsAMH2lyvGPdM52FIKMZtXdIU5dZ-dLRKxzbgpEhmL7_CTv00l5OxbCRR9gjY-R1HxAqaTQOmRKWJ0w9qh4Obyk1Wzq9Vl_p53cUJfENftZpi03nWtr9L5NUkWPYjqXaPm4BzZC4vnCK9TgZK-9i0CuIvS1Df5zLEqoPDTYUUxg1x9DpFTN9TMOQzvP7h81LFPNjaJ6NDKRt7Oftj6P4iUNauOouVMPRA07Kxy00YQOF7Pvgfv5Elj_WS7NFEecBBBlRk-vnyJ0wE2JBHcrl-4dl7RmLlw9480r5QKokU0J079MoZLkI-3ggn7c2qOJ60kI1LAmFEo7PdrGvrN1DMdmYuzoCIeieMClLqRJFtqDkk41bX8QqB0OzqBEDzTY4qzpNEKYHO0-u-v8qZmSezVqmgCu_vuTl43ISiYeMfCVQDPDv0RVt3KbPVZi5FNTOX_6kh9H89YTae3r8A-gtJ1dx-P2SBxCDNaHoKq-qGUCctrfTQ7uykYvfe6je4tXF0bgO92RCz6FAIXPGTuU7hPIEwolSrctQzOA3AKUIZ8xNeJIJDrqtkREwn9C06ZqZac7TlOEDh4oPbGLwDbpkqy4LAp_b6dVBDF-jaOPP-GQFOHDbodcZ-zoEQ1JIySvPsVhF0RH3nQeYhCHRVjjQ4WSjfZro8M8-hK8m8_ZbNa3YyJ7iZK2HnPdnKeanwAxu0Hv-tEF_RN3B_UjND68zvADO7xrHbwYCduWOI5uPwAm6PGLmqA9XZdj_5BwjcOAQ6Sxd4fKn6UOt3UMTF34e5uU4b796IUaAyEjkAP7QlxZCLKmM_TfJ8-iA6ZQsIwCBmMiUeGILm8smoIG3m20eWjJ61wDtLNV2tnq8j-IWjnDnFPrXSv1cmhsPhNBd0yVuLzVptaPtMU3j_YtkGCbYVSG-LS8qptUvWQ3K-XQINygLLVDUuujz3gM_5rYnQVWTswJM1jnmhHZ80VPpltOW_GWNRtJV6Tw8QLkkVrM7lZXNMfrbzSa8YSTdHFLqiVujgev7kNFuxdOaYC2OtAkyoSngwi28jSseXzyN3aTa5IklIpey_25dnHr4xBIrIJPXfuKo-4AM41hUABQOM38nFDQccOiqjZSXbsl3_puPwGFTebLTcg9I_7k84ODVeLrfbTCnGN2NzEO3pHND4MdP6kadixhyLOTFXy8GBQXr0QxTtMkZu0LtQ-JvLN5sRCst5fATAFGEnZuFEztLbevKK0KYgz8HO-hd9tWPHQLNVNNY83NbBH-Uh8qYYSEie7GCS1fhnI3KXDfqPPGvJPlKEr8-2n2AWGSSdcAX2C5nAsItUHkYWykEBD4otWxqqunztVy4lw4ZWeb0aDqeFlqmLlQ2OHBgP_kDRU2NGh_OIcIz0w7MAr2jX_GS4iooIvAJJc50bzjviN772iAN4ilvTpcfdXkLQx82Xx1OLNDSDTZ3RlmcnF-L5qHQRSwbQ5-D_s5ZFzq_Y25amln7hvn6dm2hoM2dxUAIRBtyO9absefXvSvR4ryNwqpTbM8C7ucf1UmbQE-etV5NUm1OoFWwqzfcOI010LQyyLtzbxLwROjSIz8uSrtt3Mf2hVYQM-FILsNsSx2uoCn4kiqww6bSCuX3rIXW3Qpr0vaQrc8c8vXt7dFJGit5Hw82izS5rMqfkpVhp2lMrxoe5qF43mCyAsxWFgx5060_GGkb7baw8GPCjAnZmU7J1-7wfrZS_y91yXCuvuDzDpHoRXIPL1KouFnET5IEzLEAQhHMWzfXokc680AVo71cDOgLdfTaVbq6M8FsCcxdr7YRKkqfn9d7tr2jF66GQmX7VFADzGoitN4omTqhdnlwfQ1uiWRo9cjrROYti3I9nyN3_I0t-Z1Ip5snNrEAN_JSZ5LDYiATixu1Ipg7XnGCT0iP-VkDAqafDl0HLR-PUx-xCj7GNa1e-x_Ldj2J8ac5J5Edel-9-1rcsOEILIihnyVeP6ZwkPcMYq0CGqDgEfyuIeLjWd_dtmEtV38UaZYDXWMJw42_Uk9u6ng7NE0Wtu6rnmfQ7Mqn2iBJhhQV8Hqk4hABxxK8zQTUkIYdnBDjjSpVVYxQ8BgopOrT7X_14lS5MDJ3dIDN_bRaXmmF4ir2PNen1ARwdMUWqunJmlIYnAhtEa1eu2tCXqfU4LLICWKM9bQyIF6osUgBrCImy2wWhN8FpQUmpp49xv8LXZyX0vNfowaUOYbXkKzaMUhngl5OCtewUB0RYMEj8VQ6N2KTJgvsI0_TZZjeX0xakXpPrcjJgIpCn1PGM9FrTUZ4LQyOrEn1CxsO1R1kbftQA-CJfNLUethQGG3-fGVX85vndwlavxbVpCPBgwKVT-PeKYpjPEaWKXkAUmiVVj0MCNYIMvoCSZnP5tid8HJpQe0PZGM1IuejkmxA0AvmTMUEsHgTzBmPXZJJ0apGPmvbE4iY8PAn8G8V76TNsfT6kTEo3YqD8Hx72k-AXr5oyI_7YRrXbE76wYPyAoaM62qTnFVIY8H1Qp1Z5gxSDbzupZt67b83wJ4OikAAiGTDFDRZTWhEz5gqqklKngtb1DHNhBL158Z-jqd8QOrRrtHEHS4elF40IaCLfGWpDVeGfzQzvWom_ptBKVd_xRGzb14ZzLDII4hrj_UJrtyVexXFUImPX1wf8zRE3DhpQe3FgmQ7gl1UQZQvFVXpmQmtx2HLnPTDnj2_a4rxs36vGtdItbLQ5ZCy7OklcbEU5UlIjUJuizVKNG492l0ok1XgH2OrPvcjjwWB877GxKR-ZP9LZxiCAHXKnL9YxKt6v1HpmLuCxq-N-2-mpVvmVm4Fzmo1P_PGjvw6SIUF_2A526qKqO9HlWUHl3CWKp09b6P-QSd2R6ZCHf7uZBmC9G_fhpLLuyPi7CvJrDjBsEIq4Iqg_Mbe3A5aSjdJ5wpyCiMnl6g6ysBUI5Er0isJyHSGT9qeAMz99SUwC1HdwSP62v9_9Zd8y-47jbBpqjVoyx-JTQGpU0K_X3wBuf9AcnA546VmK2KE8HU5oO9qXayEgda7WA7o1FUledCTczlD0AOU3sYqbqxE0G7xdvTMkoGgrHBwLuS2pGDwDCkOItwB2FQgrZc_3amZu3C5jjiVekaKikZZdYn2sAcqfnCo7Ft0A2tnif0ZohuXlBdHgUhFLBJSG7oT_6wVEPoIUaevBHMuQ8-1SM8nLfPM2zMoBO2CmWitBm7Ha04SwKoNaPztUVxvAWgjIXuvIB-V5paEz0tvQ9OrgsbuaLvTT4EBg3IKEWjOTxQCl0EjlMGWgv8fThR7ZhIHio5F8042sCtrSMd0UCUoILI9_XXEXoBBpzDwfyfe4ObQf1E7Qw-KGAztFrEUhCskaFHbTIE2Ilw-e5ttaRBs_PBygU6CQgfZvYCaJc_3uOdwf_UvfzGd50aTaFlYgaT4wA-MvSJvw7Yl64s6rutvQwo8rLY5Mq5a8Cr2bm_CbSy5AZi9HKa4wiXispsIf0uLPlevAuTISdmO8xb22v7IH8IauliQwMzrEtzxcmho2T5QtoqkAxoLCKV1MHMx0H7qULTdDB9NBgQi2AOsYpG&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fsitchu.com.au%2F&ds=l&xdt=1&iif=1&cor=17662260213385329000&adk=3037181501&idt=172&cac=0&dtd=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A1A4 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdAjiLhq2ZcP9IcefoPMP7vGW2AoAAAAAOAHgBAI&bg=!9fal9rnNAAa8BdJLnAU7ADQBe5WfOMuS8DgT6UB8bCeX1xlQVIhFgTCjy8UIBKtLXx_VrgWfNTnOEjpql09_C-RwSKNhAgAAAG1SAAAAAmgBB5kDBSoZYyI_1mD7pDUGOK2lgamKLClBv6Chto_Y9EM8ZCzEVfSo6ANlWSmvkr1MEv9bCrLtftIlq4MJNjpEpWnL9rwT_W9FXilBbO0LGOBqFz1HE8L-VTaucEK4wGKUc8n3bECWuIXb43t4oXvTzEfQhAumJJ7jiiw0KOKWapcQHK_ElLV2fark7GwZ6GF4trXUZDpc6PQCRgVa4XEA36JnOEwQYdG7n7i9pMuSvPnee57OW1tnS3RrILnX1cWwAn_qiBOCqNuWsbN7P2hv7JnT4ofB9kCvZoGJfWpPDLvqzgPvFteNJ_u0GqZrEBww9m4cmwnjWNzN86lF1wpFwjhnQVEocR4WWBbWzl8cR8kS0G9RCoHMrHUkvT1zLogKdGZJaxMvYz-qUFAWkb6KIO6UWGQXNyamLnrSa1G122u9SAQE6HDB9xhkNOSBC2jwvBJukwAFldczak8gfmRXDuf77P7TYuygSfFcM1AevjZuY_n6yu4wD7VsS1JFjqKYSHEK3tPE60F_XiTGItJvkoG_wSfGC1VOru1qT28i1pffHG_xt3HAzoR0XkMiz486o_9C0b7tgN4B6OT6aqWYtlE3ncemSIIa6-modnkbaekoyJEPXE5MN750M-cAmidSlrLuakzgheCqnV7enocGzi8JVyPqoMnEuiBkYpbxF6C-eE6yw5Gp8MJHfKd7q71RZQ2tLVX57MeTMneUExbsF7Zu91TRE7NtkwTJzEcXO_mKReY4Z0vtNNOhEQMJyvA3TH1PYnxoQvXqZBdVEsuV4qmRVEuMTquI3YYDlzrVXDjqRAFT5CxXviMWJvt0mppxZr2YA_h9HCg3OuebfyC5zQMpuaDr_qiZTtlrhwPCVJSNdUkJbryd3d-u3j5CjCfv59GoXHwG15uIsJs8NI4jkDtlOdCrhTMPptYJkkdG4Pu2Achpr9ZPyetQJQWUPsUfT2Q-CI64n69MDSF0MSnBQax4kFknqalTqPLZylqDyJSPzL-6Wvbt_Ejc7ZFCMzsD2vzxLLCGtMpf
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Gotham-Bold.otf
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F57A 		154 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 17:38:57 GMT
date
Thu, 25 Jan 2024 17:38:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228734
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70565
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Gotham-Medium.otf
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F57A 		126 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/Gotham-Medium.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 27 Jan 2025 04:48:54 GMT
date
Sun, 28 Jan 2024 04:48:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15737
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60432
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Gotham-Medium.otf
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 7B0B 		126 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/Gotham-Medium.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 27 Jan 2025 05:50:35 GMT
date
Sun, 28 Jan 2024 05:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60432
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Gotham-Bold.otf
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 7B0B 		154 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 17:26:14 GMT
date
Thu, 25 Jan 2024 17:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
229497
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70565
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7B0B 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0de3bee4541d2a7407d5c84a4ca1b493b6be210a050afe7ef627deaf4d09ab7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5898
x-xss-protection
0
avw
neural40.cdnwebcloud.com/ Frame 1761 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural40.cdnwebcloud.com/avw?1280886436828&n_o_aut_tc=329167520
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.179.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-179-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 28 Jan 2024 09:11:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F57A 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29146175d67a90b39f14ce156498ccbb98cfcacf90bde241d72fe229ff770b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5852
x-xss-protection
0
avw
neural40.cdnwebcloud.com/ Frame A94B 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neural40.cdnwebcloud.com/avw?723216993125&n_o_aut_tc=329167514
Requested by
Host: 6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
URL: https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.179.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-179-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 28 Jan 2024 09:11:12 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1761 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzLNYU5M7Ryt1Y-ANFK2QX4PNnub5b96XsowjQH2OBHm1RzjfwOA9YCgmV_IsjoDzQLpaUL-obqffv7EBYWtwTCQmpR51AedZc9yuPp-Dg3IH5YX2Ovh8RLgEMvnuRQGAvIYMRluEN-mi3HAdag6KKEGad&sai=AMfl-YRrnkHLvsLL4Qd09XbqFF8fR2QZ9GDGnUiirLX-vohDA0QHLbfdALsSRkkvds_zR_LSIrIzEBAoU-MufufK8gfNE2SdItAHL9YhVrOs78U8X-xpCW4ihxTCyww&sig=Cg0ArKJSzDsQhA95f5LgEAE&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&id=lidar2&mcvt=1000&p=226,436,316,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2381076105&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170643307000&rst=1706433069943&rpt=743&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F57A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Jan 2024 09:11:11 GMT
view
ad.doubleclick.net/pcs/ Frame A94B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssICHld1mvCK_HRi0-BLQOfj_8reMzT86Ni8HsXh6akAKpmVvh69oI3meAnZVwGRCGUl1IIGJp0JA4Jf6-NuX4p-IOKVlF3whr9P1E6YExlBLacIqrLXn4PrI-DsHtUKgc7_o2wt5E_gTKIBCHlIf96FqhdnCmlH3ykCKNvRuHT25bghMfCin-jXRrlqybaUwFipuXOh-nqGWTzkXpfupqZ1aUVwiUEQ5YzrsWhfSivDkZZOE5c5g_46giomnstN-gfWgOhsP9wMYn59b4dw2gwqhxAOOOkGGQpZwEszjcF8Qn0cqA0u0298YbhUDctWJfu7WdF4t8TFbClijrAqmPFmMF683j_0E6j8Nnl2gtozvs_xiwigIh4QTV8KNv8bFWnuCLtDQ5m4_qiMo_RRZg5k9XNy-T10JyoxlNifAun-sbawTF-veqqPopCmCWJk1LuIFcO1SCxcPrDKr36MEgOAQ0pxTFAUPbWPkHJn9PXNUaIO9i0UclyznoyBTRFzhNrnXZs3tf2qoTf52oBMSTVtOHCNQ1QAVkbnweiACC_I_ZrBy_pxzn8NRluPaZyCxopRkelKl2inAzRjQhUQx3eHZDAViNhmKFyPJnIOfY9fukRC1gNL0NWXw502qbhBIjVpnGWAYechQb3OAkKuxkeupj1eHzvAQDpNJ3l1H50bv_OTM_cl8Z66p8SLseJS6tvTCyxq-NfyX0twCfAAYccVOxpqMJ3DDbZEdgPTocGaJadxZrbG3ss6f2yDHDWGK8_p_l_0XjZtAVq4tWdwsRgbz-TTQs7gspg_kFiHy-WQ9bGHKeupLM0nVJbXcwmTHSpTYk7pvuFyets-x_4ZK60wt2o3je0OTujYrB7FwOlNm3erdQ8Da4Uq6gt9JWBUDvY4-BZa5m6JNqVPy5Y_ox8GL6yGrtjCR86RztgNFa-NKLjW0icVUjHSgIjTQF3iQRqqNEtqTHbfv4m3gEe4muqttOQqbW9cn64zZ8vmexoqmO_byWaUVXNMTJB0CnSQ4cCwBo8En--yKLtPKtEDawRHDqITybeaaRqcK3bsSTAcE6IpKcnupeZKCVNnHskICU025EOlu-oAResvz1dHXV0ZPwQFtCVzAAM9KaJu4qjyC9dI-XT7PM2B5AjxywY6R9TKFc1Sgo9FHuOgXvtObHqCfFjxpKtjBdE0NBoaWmRW8Iwjf3TcdkXP9KbgbP56dQWtmm79egJcIKWK5A7CxP-6NDjDBu03wpgM2b0JzkCc3jth4F38NcGFI2ju6sx4ogUEwzx0Plydbu4dK6EakQ2z8NB47lYgNQyw9bFDKhg3Qffzawyrw7XzFkTR7brvPSdtjcfL4yqqrCLB17CXVHLRTfV5ZE8cQk73_B8GBm7jgzYWN7i76jUE2KPpoFuF62wtutIRd5zp2XzUiia3U3VTYfrtkykfhyrVnB1f_CyE0sCcFFi8h0tkSEKLE1ZCXE9QaC6NkLMIWvPeANKbchpGgp-umRhT-iwoDadjs3nuNBgTfaTAw4NvmakNJWv8U0A8riXjaPIkhcekyD2q2DKroC0ZPxlFmVRIWzsIOz7BatA7WFs5L_h8-VXBUtdvO8&sai=AMfl-YQ8XHjAgNSl80fntwKe2b6JvFG5p31BMN7IsnXZesDWH26bVfF5E8PPJRCriS9kcUEI7Dzo07mu4N70ZFWHqTNRbdfvLHgzdf6oDxAKH-D4loSjuW5on2Cf_8eTQPJUVeEv1UxFrJdQ6B17XKdidrZksMpY9qLQ8rFBDUSxFo6u4cb2cp0ryeEmLAUem4T2GPSFYv-TEnJrA_nb8p83n4O217LMQOiAkfMRn6qm8MorxksqSXnRzBRDinb5ESDjTTl7o5rWE34GRDmukebOI1mdeGjw6HDgDlEds9c3PtfGfWcwvNBtN0poqMJeWW77IxW64XGmVmJSV8VOxFZeiWXOPp9sDKxN3HzHSrYtKwsBt4U6rya-O0YI2yg93F546yWcRZOmIzO6IMDlBNOEU_2LlHD2MiZxPfzpExeKB2r3dk8TnqE&sig=Cg0ArKJSzHIgdUxXQSWgEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1674&vt=11&dtpt=994&dett=3&cstd=673&cisv=r20240122.91097&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A94B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspqQv0htqP47Dpxbsp4t32kl-oxXbVja7YE19qcG78pT22Qp_cMT-Y7aSzFkFOeeMSnbuDF9WXPzfFgs7OtdMcLq2iTyJ6pOVdEDo4l6cBErxeiF3to7dDHMT_VTfrhCkLCtg2QeaLQkdPJrn_4CS5EikU&sai=AMfl-YR7Yd7yDHwIE37UHoJ02GzuG0Yv_9fAiL4N3saEc3ze6s7fTDbThvkuVhOQz9RPwnaI4lOwLydlhbgAfgJwgAcsKCaL97yHL3Js7UObmHGC2xxr0xNdVu9-HPU&sig=Cg0ArKJSzMqQDGlqoNEcEAE&cid=CAQSOwAvHhf_3TTugq4btm9-2PksU1v6K2tmywfDLfmAzu92KYSUPkcOq-fXOVOBnhT28JeY-AkElDhm2XnfGAE&id=lidar2&mcvt=1001&p=659,1330,699,1371&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3867015567&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170643307000&rst=1706433069968&rpt=805&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7B0B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Jan 2024 09:11:11 GMT
view
ad.doubleclick.net/pcs/ Frame 1761 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssRCeJ4YxK59_gelpnlLqR2uDBn1wjOZALozUVSLLd7784GnLHlgiJJU_4Um78BhqWTc_U2AXcSx7qkPMPYb_qQKdQvQdSFgMOeDUcn741bPsf5Gspd1kq5FDxw9TmbOCfCuO6JuDDgUhnX8BKe0Lp0Foyq3asB4dmXWke-ucWaJbbzdOpmYMAyStT0ZrtjtJSFkxhXvFTpqo07ifsZpTLx5OvYxOultTa9dBJ8tXSrTNOXcTFkX__8QhGr3cHqou1vmGVHQpgfBN5GaVR97kS7E7iSYGVGUsrR9Mtaq7SE9nU2t0QpMObbQ6mD90AhjadBKDO7PLI6lWyFMXFTSNCOPnogj13RlTSFPn84JClUQayFV7oUi0hHQrq4rlUykoKVTaFgH_VclYcvpUB3kE-WknaRELuYtUd2s_xwqz0CAIkYyiFfXuSYUCDyDx-N22jeJT3t8RE5KjUsUyFPHBBW5E50xxhByOr_8vzB4eGNvFbotxMiiwS_U4quAwyafVKtloGd26Sp1DhtVzUvsel5IL9fY-O8VfD_hF4i7GkEpwmnGVdoRcEL_jfeyCtJSbZ4Fi9iYRCulXPAS12wrCAeMocVtz05bLH5K8ya_GC5yVJzMD9P5IHbAgNhSbYUa_3-Ty0YsYcXtLCHJWtABTzfiVESY-u4EpFbl7fkrPrDKqO8IbxEPI29D2a5a2_K6mhS2zbrEDhJOYJIdiPM8477nKXlZAo1o22p6Kwl9_WoFMd_pMlO6r3wdvtn7YbCvBBoch8SUQ5Wknomf9JJtsnVSbtLZQ-Z-oJolUmPYAsGKfVXRdN8PVhurCMvI_bJ212SSZjiqYw4aoyz9mfts6TjLbhyOMGUCtt7EcM6tdCLMFODrrvKHuso8p8jJ7_x65Fp6K1U01cWf4uhoGgYmk4-kkMbt01uELK7JJG2GaY2ZPuHiuQz2Najxe0o0KCqx8ECzXxOjmN5HC81Ro5iv8xxwkP8AzE_900SpPqmL3KSoQPtilXoCQ62tu6pQ8033JnLX-nfm8uAwYBZH61SE__1Te6x7ppMXxIYhCS3o1LxgLjdtschzWjHJWG6fdDfJx0j7fHz9IIyS4J5wL3zUS9wKAvj6efR3wC9ME9k4AKGRIgZZZp5dAXGrx6nEqmahFFpXDIKC3Mjv3IRGPy7HOgVN90YC1Bso25YSnoAlyZW1z5aEIaognJe2QnoTol5pudHT1SS_oeMHiZ9VE7F4hKAP3hXGUPVdpi7OKCgZOx3AXE5YLzq0caSah6ZVy7NUJvXV40emigAPuXwYEqhEhy4E0w6dqmqUQ4O00F5KUghxKU2qjqJCHy3w5FLxFICR9iocosBN4AD1_VGq7rjZwzuKJsj9Axbljh1rK_ti1B9gL_D3ZBhBRVA-wpPrwYoHge4pNJiiXDNsVtbQa5X_-mrU1K4HEttl4HojFC0MCyUvGQobFwSiNmILu4FViqHzOkJ3jsMNmxeXqZC83_baj1y-9OkIOdLN7Ey7gbGcnzVNGOJ47kraLOCIymnzak0-mLDDMVksXO4aERXxryhQOhjJyUoSLaCvAexAUDLtpNJL58EP8sryVh-z4og9w&sai=AMfl-YTws4lvXByQIaIAeLESowJM75u1RMcgC8Q-Lz3D5NcVq0XmpMVACAyPZ6lsUeLCandN1lZ_QUU4GrdQOsgerCiqGWb9Ru2BUBmn5-uWzppmKNf30mQ-Nnj72hHql_HeXLUg5QSyZJh9SAuiagJvA8tjZ0SZhS6TTpM3YdCRFbiSWFY9DLHGgGZshG6SrFBh1aKdbD0UDNT-1HJIuEmlLVSyNNhMzqq5nuQcsvzez_i03PAlKjM5HOqGZ31V9ePlXJ285b_eV0OVJuzl4S7rzDgiREcyoUHeYOyjaNrdSNSdQcUMc0u_C0oAqV4Qq0sOkZb9qXXsax-SKthVKkiwroCczdQ4x04H3PTuU8mikLHsJd-uF_lWGIPz0840GcZbNVOl3WSgPOr_mPi6ObBKqoxiz5fiympXTG_tlxfl3U_XAsBD5TU&sig=Cg0ArKJSzB7ji40Ka91QEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1814&vt=11&dtpt=1109&dett=3&cstd=696&cisv=r20240122.91543&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: sitchu.com.au
URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails?utm_campaign=sitchu-melbourne-newsletter&utm_medium=email&utm_edition=202311010600&utm_source=newsletter
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 9450 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
156648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 13:40:24 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 4C8A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
156648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 13:40:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js?bust=31080696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
432c44c94186870826f56a7ecc040cbc4ae8e9eff1e7132dfd4a223fa4757b50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12319
x-xss-protection
0
ct.html
ct.pinterest.com/ Frame 8377 		565 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a6d15c2a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Sun, 28 Jan 2024 09:11:12 GMT
pinterest-version
531b9cd0463f023a295955d14cd84d005b70b1e1
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
1820720816898661
sol_logo.svg
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 7B0B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/sol_logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 27 Jan 2025 03:08:13 GMT
date
Sun, 28 Jan 2024 03:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21779
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1118
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
texto_logo80.svg
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 7B0B 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/texto_logo80.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45565342518890a25b46dee5e726ad773917bfcc17dab19f4d6455f4a4b9c722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 17:39:03 GMT
date
Thu, 25 Jan 2024 17:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2164
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
palmera.png
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 7B0B 		941 KB
941 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/palmera.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 17:29:07 GMT
date
Thu, 25 Jan 2024 17:29:07 GMT
x-content-type-options
nosniff
age
229325
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
963679
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
palmera3_1.png
s0.2mdn.net/sadbundle/11938805746972946677/ Frame 7B0B 		490 KB
491 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11938805746972946677/palmera3_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7316c9f4d49e26236b93f844761720c06a1e9a32de4eea83678381e3237e0947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 27 Jan 2025 02:45:41 GMT
date
Sun, 28 Jan 2024 02:45:41 GMT
x-content-type-options
nosniff
age
23131
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
502226
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
alwaysOn.jpg_1688031171872_alwaysOn.jpg
s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/ Frame 7B0B 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/alwaysOn.jpg_1688031171872_alwaysOn.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47ca510e702a8bb97e5fdf139d5fc1b038e1613bba446a49905dbd653e8f028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11938805746972946677/index.html?e=69&leftOffset=0&topOffset=0&c=5CeBP6WBO2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:27:26 GMT
x-content-type-options
nosniff
age
229426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173580
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 09:32:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Jan 2025 17:27:26 GMT
texto_logo.svg
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F57A 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/texto_logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbbd6285bb18a8c92cc59574c958877754850f795f0f4dad205c79fd21d1d467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 17:54:10 GMT
date
Thu, 25 Jan 2024 17:54:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227822
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2125
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sol_logo.svg
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F57A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/sol_logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 17:41:22 GMT
date
Thu, 25 Jan 2024 17:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228590
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1118
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
PALM.svg
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F57A 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/PALM.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afcd6ebf6cf7124e138218f69982d6c9ca1820345967c9263d243dbf5631d204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 17:46:08 GMT
date
Thu, 25 Jan 2024 17:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228304
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1519
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
palmera2.png
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F57A 		960 KB
961 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/palmera2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73f6add564f8d8c794d4b1bd49749c1770990b44616591ea59ce7333cf05a574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 17:54:13 GMT
date
Thu, 25 Jan 2024 17:54:13 GMT
x-content-type-options
nosniff
age
227819
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
983441
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
palmera.png
s0.2mdn.net/sadbundle/4729389039347901916/ Frame F57A 		941 KB
941 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4729389039347901916/palmera.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 24 Jan 2025 17:26:24 GMT
date
Thu, 25 Jan 2024 17:26:24 GMT
x-content-type-options
nosniff
age
229488
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
963679
x-xss-protection
0
last-modified
Thu, 25 Nov 2021 15:49:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
wintersale.jpg_1696585962342_wintersale.jpg
s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/ Frame F57A 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/wintersale.jpg_1696585962342_wintersale.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be3291eb66d4513d5b162742f39c532cec84790122d5ff978db50ff2d7fc1525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4729389039347901916/index.html?e=69&leftOffset=0&topOffset=0&c=IyQJpGg00x&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:48:41 GMT
x-content-type-options
nosniff
age
228151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111199
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 09:52:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Jan 2025 17:48:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_fy2021.js?bust=31080696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Jan 2024 09:11:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96CF 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3187005099288&version=m202309260101&ct=76&x=1&cor=17662260213385329000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0611 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
33587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 23:51:26 GMT
expires
Sun, 26 Jan 2025 23:51:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F2F3 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::69 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
42535129e8e2fe1e5d114cad3d5eb75d62ef43c5db564d108d7a09b19612f7f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qG8uUBaqPMb6iZinye-TBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-qG8uUBaqPMb6iZinye-TBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Jan 2024 09:11:12 GMT
expires
Sun, 28 Jan 2024 09:11:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame F2F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=2822745632650962&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 0611 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 13:40:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
156649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 13:40:24 GMT
generate_204
tpc.googlesyndication.com/ Frame 0611 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?p7b4_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=2822745632650962&bg=!JCelJ2jNAAa8BdJLnAU7ADQBe5WfOK9KQ8u4-lDesCwGc78H2M_REf9v9BjgjblRwxwzmaJBR-NSDGTXhfbViW2WJ61YAgAAAEtSAAAAA2gBB5kCvIhouJnncr34wSLvs6GK5-PUULPspxJs5viooK_-vc_mprSFb-ZPDgQxY3aVug5XlQMP2WtgN8L2Gy-U07rYjJdLWhRjimzpPTt9pimPRePX3P9wZx_NwervQrXHnwZ3sprwfNr3tvtAU_VDohErfDGvdYjo8CLqgps2IzqdXTxTu0rsIBtWgbUjsEu0i1T160X2LtDr5ipf5mGBUEpUPDwTA1IZFnDmEwulOxETZdS-J5PM9yelsUYQDld3S92CB5UIMsRD5zIc5F1_IYJRs9ki9cFO3osyCa0HmpGimrKhVXK4_hl0Wy6CDIHBaMWYO3pwxPK_CGin3fTxQlD1ouf8kAtwUw-k8l1rey2l5tDDZQnbD4Ce2BrJXa5AkRbl30mn6nZEOdRGEoLEhBkLhW6wOXOXpqivkrVy7Kb4G0Xl5vcHXKFi-Pe-6vh16qmaEPnGd7QfoI-MRojNdbMvihi-R5_iLZEqTb-YU1XsocYgqMMeSjLFdGB7eKak5psYF60ZjZ9Vslmz6jds26YmuQovVWdR_tlrvOf7Xh5yd6wccUm86qD6uwQUYyk2Y4NmpOc3OWx24ZssKNH3ySaaihLK4DgRham9q2yKuU0jYJUuF5YugBuIxdqF2DIegA8Ar35BidJqZ04srFYW8U8VBWI4DWyg70ydHRVh58Yb5LEQbL28Md2K08Jtfw4sYLXYDeyrsG81MjkqwH6AhXpzWJeeCenJ88LORRtes8h8qCBRUZlmbCjqlu6n8JoV-NBMS063qs4Xu_ityD4SH-n26ecSaH4zu-f1au5hhMGM3hmRcowiL-lLX1mSX0FErNMl2xBF7C_eUb-OanWSi6eUcbc7XODx_9uEZeWLxSa1-zZ3ViBLaZU0VF0BRxC-PCYeiQiJZDoo8ZHTL1aSivBrsID7b9nlZHajWhBag9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsitchu.com.au%2F&domain=sitchu.com.au&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://sitchu.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 28 Jan 2024 09:11:14 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
431683
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsitchu.com.au%2F&domain=sitchu.com.au&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=WRvvdHx3TDJRZFFQUHRtbWVPaUgzZERZcUNsUDQ3YVZQQ05YdGJ6REZhUjlmRURsejFrVUVjZFZDejZhUUUvRWY1VHhvRC9MQTRTaWVoUndFa3BOcmZWRC9meWZIUE1GQWFtZ1RpTDJrR2RWMmJBcUdsNi9WSHpMcTFkcW...
362 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WRvvdHx3TDJRZFFQUHRtbWVPaUgzZERZcUNsUDQ3YVZQQ05YdGJ6REZhUjlmRURsejFrVUVjZFZDejZhUUUvRWY1VHhvRC9MQTRTaWVoUndFa3BOcmZWRC9meWZIUE1GQWFtZ1RpTDJrR2RWMmJBcUdsNi9WSHpMcTFkcWhnenBNSG9vdWJvM3JvT09HbWFsb1JDS1RObDZlM0FNcmFRdzZzOCthVUJ5bjVCYW5palY2ZkpJdzRGN2Z1SXZsdHJqR295SFU2OTIzeEtWd1BsSndiT0pZamNBdXNxWUltcHhIZndCM3RhdkRlOEJoTWp3ZzFpbVBmZEdwbHB3dC9KYlo5MUZxfA&cppv=2
Protocol
H2
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ec0580f34f6b172c069980806a236823b1ccc356df21a5878782eee7fa73c860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sitchu.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
897089
expires
0

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://sitchu.com.au
location
https://mug.criteo.com/sid?cpp=WRvvdHx3TDJRZFFQUHRtbWVPaUgzZERZcUNsUDQ3YVZQQ05YdGJ6REZhUjlmRURsejFrVUVjZFZDejZhUUUvRWY1VHhvRC9MQTRTaWVoUndFa3BOcmZWRC9meWZIUE1GQWFtZ1RpTDJrR2RWMmJBcUdsNi9WSHpMcTFkcWhnenBNSG9vdWJvM3JvT09HbWFsb1JDS1RObDZlM0FNcmFRdzZzOCthVUJ5bjVCYW5palY2ZkpJdzRGN2Z1SXZsdHJqR295SFU2OTIzeEtWd1BsSndiT0pZamNBdXNxWUltcHhIZndCM3RhdkRlOEJoTWp3ZzFpbVBmZEdwbHB3dC9KYlo5MUZxfA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
575837
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
ddaa3b79f5c29441f8a66d1e929cc07f7f78244a5b8478f567f85cd130bc6614
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://sitchu.com.au
date
Sun, 28 Jan 2024 09:11:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		75 B
824 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.142.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-142-103.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b1287a70a406f1c2408bb506f35f2bb22a7d64d68ad6ab0844e6db1ca358aafc

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://sitchu.com.au
cache-control
no-cache
x-server
10.40.48.150
access-control-allow-credentials
true
content-length
75
expires
0
any
idx.liadm.com/idex/prebid/ 		50 B
455 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/any?duid=8dc65b4b215e--01hn7ncehvqw16mxe610gp83hw&resolve=nonId
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.6.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-6-32.compute-1.amazonaws.com
Software
/
Resource Hash
c74a455889b324930dab4cabc50cc2df7133de55cdbaf539784c1ac5a300aefc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 28 Jan 2024 09:11:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
3
content-type
application/json
access-control-allow-origin
https://sitchu.com.au
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
9dfdb780dfada3fc
content-length
50
expires
Mon, 29 Jan 2024 09:11:14 GMT
rid
match.adsrvr.org/track/ 		109 B
564 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=rubicon&fmt=json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8ef5f3aeb4d51b6959d7b6ed733ef739b8e5547c00dfbfeac5d28d02f5f7198e

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 28 Jan 2024 09:11:14 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sitchu.com.au
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 27 Feb 2024 09:11:14 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame F909 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
181
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
84c81b5b9c2d39cf-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 28 Jan 2024 09:11:14 GMT
expires
Sun, 28 Jan 2024 13:11:14 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EFDE 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Jan 2024 09:11:14 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1AE6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
13459
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 28 Jan 2024 09:11:14 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
471, 10723
X-Served-By
cache-lga13626-LGA, cache-yyz4578-YYZ
X-Timer
S1706433074.494017,VS0,VE0
pd
interplaymedia-d.openx.net/w/1.0/ Frame 4979 		880 B
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://interplaymedia-d.openx.net/w/1.0/pd
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c4176e1fc46c0f83489ebe75400171a7c8ce7418b20c2dc561fb710155324033

Request headers

Referer
https://sitchu.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
548
content-type
text/html
date
Sun, 28 Jan 2024 09:11:14 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame 4979
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZbYaMgAArhmbHABK
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbYaMgAArhmbHABK&_test=ZbYaMgAArhmbHABK
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbYaMgAArhmbHABK&_test=ZbYaMgAArhmbHABK
Requested by
Host: interplaymedia-d.openx.net
URL: https://interplaymedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://interplaymedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4574-YYZ
pragma
no-cache
date
Sun, 28 Jan 2024 09:11:14 GMT
via
1.1 varnish
server
Varnish
x-timer
S1706433075.845048,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbYaMgAArhmbHABK&_test=ZbYaMgAArhmbHABK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
39a26589-6271-e516-fba5-634081bb0de1
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4979 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/39a26589-6271-e516-fba5-634081bb0de1?gdpr=0
Requested by
Host: interplaymedia-d.openx.net
URL: https://interplaymedia-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:e9de:ec19:65e0:9ea1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://interplaymedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 4979
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=f5b37fb0-ee77-cca5-0a7c-f72216df0b48
  • https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=f5b37fb0-ee77-cca5-0a7c-f72216df0b48&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=f5b37fb0-ee77-cca5-0a7c-f72216df0b48&dcc=t
Requested by
Host: interplaymedia-d.openx.net
URL: https://interplaymedia-d.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://interplaymedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 09:11:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NVWBH14ESJ7JZEKGGF4S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 09:11:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QQBR7D7HZ87TGTHFF8B5
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=f5b37fb0-ee77-cca5-0a7c-f72216df0b48&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4979
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=ad6503cd-f2dd-775f-ca72-75b57eecc0a8&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=ad6503cd-f2dd-775f-ca72-75b57eecc0a8&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=efadb6a8-8b68-4dc4-8bd3-eef906158ae5&ttd_puid=ad6503cd-f2dd-775f-ca72-75b57eecc0a8&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=efadb6a8-8b68-4dc4-8bd3-eef906158ae5&ttd_puid=ad6503cd-f2dd-775f-ca72-75b57eecc0a8&gdpr=0&gdpr_consent=
Requested by
Host: interplaymedia-d.openx.net
URL: https://interplaymedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://interplaymedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=efadb6a8-8b68-4dc4-8bd3-eef906158ae5&ttd_puid=ad6503cd-f2dd-775f-ca72-75b57eecc0a8&gdpr=0&gdpr_consent=
date
Sun, 28 Jan 2024 09:11:14 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 4979 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODEwYWQwMDctM2JhYS0yOWZiLWRmOTItMmYwY2I0MGUwZWM4
Requested by
Host: interplaymedia-d.openx.net
URL: https://interplaymedia-d.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://interplaymedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4979
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1
Requested by
Host: interplaymedia-d.openx.net
URL: https://interplaymedia-d.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://interplaymedia-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENE0PKFtrGsq1kYQbIKJBpA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1AE6 		0
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:14 GMT
an-x-request-uuid
eb4bda13-a3de-4067-a3ab-7566da4f4846
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EFDE 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.125.215 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-50-125-215.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4df1806ac4b2f3bc541bff7f263eb1e605447f9c73576d9b6dc2348e9a4a6165

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 28 Jan 2024 09:11:14 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Jan 2024 00:34:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55359
Connection
keep-alive
Content-Length
10901
Expires
Mon, 29 Jan 2024 00:33:53 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e731128d037561a0c97ab9a68781f7d0c74c8741239ae4b87f1b16859d37cd4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://sitchu.com.au
date
Sun, 28 Jan 2024 09:11:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame EFDE 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.43.72.97 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=WRvvdHx3TDJRZFFQUHRtbWVPaUgzZERZcUNsUDQ3YVZQQ05YdGJ6REZhUjlmRURsejFrVUVjZFZDejZhUUUvRWY1VHhvRC9MQTRTaWVoUndFa3BOcmZWRC9meWZIUE1GQWFtZ1RpTDJrR2RWMmJBcUdsNi9WSHpMcTFkcWhnenBNSG9vdWJvM3JvT09HbWFsb1JDS1RObDZlM0FNcmFRdzZzOCthVUJ5bjVCYW5palY2ZkpJdzRGN2Z1SXZsdHJqR295SFU2OTIzeEtWd1BsSndiT0pZamNBdXNxWUltcHhIZndCM3RhdkRlOEJoTWp3ZzFpbVBmZEdwbHB3dC9KYlo5MUZxfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 28 Jan 2024 09:11:14 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
315344
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
587.json
id5-sync.com/g/v2/ 		625 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/587.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/17664_sitchu_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
dc75f2706fb7e4032788cfce2022c9be9325316feec7b446d266333dd2341651
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://sitchu.com.au/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://sitchu.com.au
date
Sun, 28 Jan 2024 09:11:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame EFDE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRXA6UQ4-9-KPST&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRXA6UQ4-9-KPST&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 09:11:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
20JPFD5J17V5DBC9MV5N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRXA6UQ4-9-KPST&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
pixel
cm.g.doubleclick.net/ Frame EFDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJhZTAyOGI5ODhiMTUzZjIwMGVkYWUzZjE5MDkyNTVjYjMzOTU1Nw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJhZTAyOGI5ODhiMTUzZjIwMGVkYWUzZjE5MDkyNTVjYjMzOTU1Nw
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTJhZTAyOGI5ODhiMTUzZjIwMGVkYWUzZjE5MDkyNTVjYjMzOTU1Nw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EFDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CYcZpDRN5vGja2Q3i8FNLg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hboZj5E2oLaiMS3_sPMpjFBQC1z2j2wHAykFQ--~A
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hboZj5E2oLaiMS3_sPMpjFBQC1z2j2wHAykFQ--~A
Protocol
HTTP/1.1
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 28 Jan 2024 09:11:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_hboZj5E2oLaiMS3_sPMpjFBQC1z2j2wHAykFQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame EFDE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=efadb6a8-8b68-4dc4-8bd3-eef906158ae5&gdpr=0&gdpr_consent=&expires=30
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=efadb6a8-8b68-4dc4-8bd3-eef906158ae5&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=efadb6a8-8b68-4dc4-8bd3-eef906158ae5&gdpr=0&gdpr_consent=&expires=30
date
Sun, 28 Jan 2024 09:11:16 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame EFDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJYQTZVUTQtOS1LUFNU
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBJ58ES-UW6bXzu0ipneTtA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJYQTZVUTQtOS1LUFNU&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJYQTZVUTQtOS1LUFNU&google_push=
Protocol
H3
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJYQTZVUTQtOS1LUFNU&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
ecm3
s.amazon-adsystem.com/ Frame EFDE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0VnVt8M5RvuheuiPiz9JtA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0VnVt8M5RvuheuiPiz9JtA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0VnVt8M5RvuheuiPiz9JtA
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 09:11:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J2P6ZNK441FPMTA5RDX5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0VnVt8M5RvuheuiPiz9JtA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
14f2833af82feb4c3bb41319cabc6617
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame EFDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRXA6UQ4-9-KPST
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRXA6UQ4-9-KPST
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:15 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1001C0BB87734AF29C2E1B4798339175 Ref B: YTO01EDGE0409 Ref C: 2024-01-28T09:11:16Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYP/elavz9OzsefiKpEsA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRXA6UQ4-9-KPST
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EFDE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBfGRbf4IqH9k_wyxoZ7wZI&google_cver=1
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBfGRbf4IqH9k_wyxoZ7wZI&google_cver=1
Protocol
HTTP/1.1
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBfGRbf4IqH9k_wyxoZ7wZI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame EFDE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 28 Jan 2024 09:11:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
95EJ498HNB9TT0JVR1X0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame EFDE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAIjiE7LbDQAABPra2ljCA&expires=30
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAIjiE7LbDQAABPra2ljCA&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAIjiE7LbDQAABPra2ljCA&expires=30
Date
Sun, 28 Jan 2024 09:11:16 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame EFDE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ddc59d2c-8d6e-4ca2-8094-d2f86ebf157a&expires=30
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ddc59d2c-8d6e-4ca2-8094-d2f86ebf157a&expires=30
Protocol
HTTP/1.1
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ddc59d2c-8d6e-4ca2-8094-d2f86ebf157a&expires=30
Date
Sun, 28 Jan 2024 09:11:16 GMT
Connection
keep-alive
X-CI-RTID
a5388c7e-2783-43a1-8856-ce3995562673
Content-Length
144
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame EFDE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRXA6UQ4-9-KPST
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRXA6UQ4-9-KPST
Protocol
H2
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Jan 2024 09:11:16 GMT
an-x-request-uuid
990cac3a-87af-405e-b6e7-070bb412e6ac
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
166.0.205.4; 166.0.205.4; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRXA6UQ4-9-KPST
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
pixel
capi.connatix.com/us/ Frame EFDE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LRXA6UQ4-9-KPST&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LRXA6UQ4-9-KPST&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LRXA6UQ4-9-KPST&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol
H2
Server
104.18.41.104 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84c81b6b4a86a208-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 28 Jan 2024 09:11:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LRXA6UQ4-9-KPST&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
84c81b6a69d9a208-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
cksync
hb.yahoo.net/ Frame EFDE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRXA6UQ4-9-KPST&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRXA6UQ4-9-KPST&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1acVBySlZORTJ1RnZXakhSdkpiZ3FhOXFWU3NvMng0UH5B&ovsid=LRXA6UQ4-9-KPST&dpid=58160
0
0
v1
match.sharethrough.com/sync/ Frame EFDE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRXA6UQ4-9-KPST
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRXA6UQ4-9-KPST
Protocol
H2
Server
54.157.238.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-238-89.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:16 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRXA6UQ4-9-KPST
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame EFDE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LRXA6UQ4-9-KPST
0
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRXA6UQ4-9-KPST
Protocol
H2
Server
147.75.198.144 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 09:11:16 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRXA6UQ4-9-KPST
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
14f2833af82feb4c3bb41319cabc6617
Expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pubfeed-edge.linkby.com
URL
https://pubfeed-edge.linkby.com/t
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEAOXHlXXwbV6axTJzXYjuVU&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
hb.yahoo.net
URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1acVBySlZORTJ1RnZXakhSdkpiZ3FhOXFWU3NvMng0UH5B&ovsid=LRXA6UQ4-9-KPST&dpid=58160

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 function| $ function| jQuery object| Popper object| bootstrap function| Plyr object| m4 object| xn function| MarkerClusterer function| Cluster function| ClusterIcon function| md5 object| amplify function| elementIsChildOf function| getSelector object| rstv_store function| Cookies function| Swiper function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| tippy function| ResizeSensor function| PhotoSwipe function| PhotoSwipeUI_Default function| Sortable object| bootbox object| adsbygoogle object| pbjs object| adSlots object| gSlots object| mappingLeaderboard object| mappingSizes object| mappingSkins object| leaderboardSlot object| articleSizedSlot object| googletag object| googletarget function| sendAdServerRequest object| dataLayer object| aspnetValidation object| addthis_config function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| php_js object| Pubfeed object| pbjsChunk object| _pbjsGlobals object| regeneratorRuntime object| liQ_instances object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga function| pintrk function| fbq function| _fbq function| hj object| _hjSettings object| ORIBI number| PIN_19750 object| PIN_1706433067841 string| value object| key object| PinUtils function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaData object| Criteo object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YTQ2ZTNiMmIzYTU0NDAyNGxvYWRlcl9qcw== string| YTQ2ZTNiMmIzYTU0NDAyNGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| teadsscript object| teads boolean| google_empty_script_included boolean| 672cfdd5-073d-45f1-a75e-1d8d6f1eda26 object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| GoogleGcLKhOms

92 Cookies

Domain/Path Name / Value
.liadm.com/j Name: lidid
Value: 467b4eaa-8514-43d1-971d-4276149a5c73
sitchu.com.au/ Name: SitchuCity
Value: sydney
.sitchu.com.au/ Name: pbjs_pubcommonID
Value: e035d14a-d99b-4ce2-b948-580c2377065c
.sitchu.com.au/ Name: pbjs_pubcommonID_cst
Value: zix7LPQsHA%3D%3D
.sitchu.com.au/ Name: _li_dcdm_c
Value: .sitchu.com.au
.sitchu.com.au/ Name: _lc2_fpi
Value: 8dc65b4b215e--01hn7ncehvqw16mxe610gp83hw
.sitchu.com.au/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1706433067579%7D
.sitchu.com.au/ Name: _ga_HNMZX1H0LD
Value: GS1.1.1706433067.1.0.1706433067.60.0.0
.sitchu.com.au/ Name: _ga
Value: GA1.3.1049417713.1706433068
.sitchu.com.au/ Name: _gid
Value: GA1.3.685600291.1706433068
.sitchu.com.au/ Name: _gat_UA-78490167-1
Value: 1
.pinterest.com/ Name: ar_debug
Value: 1
.sitchu.com.au/ Name: _pin_unauth
Value: dWlkPU9EUm1ZalEwTVdFdFlqUXpaQzAwWWpOaUxXRmlZamt0TkRBMFpXVTBaRE0wWmpFMg
.sitchu.com.au/ Name: _fbp
Value: fb.2.1706433068533.1827958583
.sitchu.com.au/ Name: _hjSessionUser_446291
Value: eyJpZCI6Ijk1Y2ZiZDAzLTMwZWEtNTE1YS1iYzQxLTg3OWU2ZmVhZTAxMCIsImNyZWF0ZWQiOjE3MDY0MzMwNjg2NjEsImV4aXN0aW5nIjpmYWxzZX0=
.sitchu.com.au/ Name: _hjSession_446291
Value: eyJpZCI6IjY0OWE4ZDBhLTU5YTYtNGU2Ni1hYTg4LTU3NGJhMjY3Yzk3NyIsImMiOjE3MDY0MzMwNjg2NjIsInMiOjAsInIiOjAsInNiIjoxLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.liadm.com/ Name: lidid
Value: 467b4eaa-8514-43d1-971d-4276149a5c73
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LRXA6UQ4-9-KPST
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bHHzMy92GDUoTp6X1XS67N80UiJJiqwnvfQjwx33MVb4GMcjYI4r1enk+wsk3DkCMVs8FgMY9K/YjH4Wm0It/pKzLSFcpLdFDkijy0RC4Zd8RuybVyVU0yt
.sitchu.com.au/ Name: __eoi
Value: ID=b6f2b80bc110968e:T=1706433069:RT=1706433069:S=AA-AfjZkFSPmQnXjH4oOFZVxKbSe
.doubleclick.net/ Name: IDE
Value: AHWqTUl_szqij6EQC219aHxzTJHtt-44qP9KhADgtrtlIlaH8fz4GSuEU32FJrFTaCw
.sitchu.com.au/ Name: __gads
Value: ID=27f0e5c844fe1ca4:T=1706433069:RT=1706433069:S=ALNI_MZtkJjSXluxCyHVlyQCbH4fXZhGvw
.sitchu.com.au/ Name: __gpi
Value: UID=00000a09b7a2d36d:T=1706433069:RT=1706433069:S=ALNI_MbGCqFmFxZU_-96Y5JNqb2JEBiKLw
.casalemedia.com/ Name: CMID
Value: ZbYaLh13AuqwcNNuFe-BUgAA
.casalemedia.com/ Name: CMPS
Value: 1375
.casalemedia.com/ Name: CMPRO
Value: 1375
.adnxs.com/ Name: XANDR_PANID
Value: l9BRiGWx3rnL5GIWtT5aCPuHlTapMBHwvYFp3vS5lslOlbqQOA1cvkqzf7AQDlgv5jhHJATFTA7f-aowI5y9aBi_i8UwELmKd92tsxqtOFE.
.adnxs.com/ Name: uuid2
Value: 3715322372026901155
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.sitchu.com.au/ Name: FCNEC
Value: %5B%5B%22AKsRol_k0ITBAhFYiplo-z8FBQEtQRse9t2sclfhwBesIQvLs4Lv0OJ433GxViW_dKlwZkIpvQ510cw9s5TJrYivri1CbhbwbnyqInDfzyOzMthgRr7J6spuzImPX2TVuCoRDfa1h9WfQvUsYxK0vPc4xof0qxtTog%3D%3D%22%5D%5D
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi6U70qatKrkCeocnR-p_WY2GpHAuCr1lvDLi6xW5kdFryHwpg
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.blismedia.com/ Name: b
Value: 65B61A2E194D6EEE9181BDE8BLIS
.3lift.com/ Name: tluid
Value: 831767969453441288352
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?deN6/3!]tbPl1M>e)ZlrFUfJ+tGXxp)KAB^Gax_C9>u0cpX5FOtb:8nib#pr25vK=.3If)y3KL9D3I?+shTNQC
.sharethrough.com/ Name: stx_user_id
Value: 50d24f8c-be50-4b3d-980d-469a50f17f74
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7962a1a7-1e58-516b-4700-bc856d02dbfd.Tw%2BgFhS8In5UKjFy4ynad1tzMaqi7aCvAO764WX9R5o
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7962a1a7-1e58-516b-4700-bc856d02dbfd.Tw%2BgFhS8In5UKjFy4ynad1tzMaqi7aCvAO764WX9R5o
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AeWKhpx5YUWtHALyFbQLb_aYAzQQ.YeW%2FxOOtm%2Bkqv5cGLarkf%2FDwJYHs1v3C0m3lQ4IXHFQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AeWKhpx5YUWtHALyFbQLb_aYAzQQ.YeW%2FxOOtm%2Bkqv5cGLarkf%2FDwJYHs1v3C0m3lQ4IXHFQ
.yieldmo.com/ Name: yieldmo_id
Value: VEAPoHHbbPHlQDWI8akZ%7C1706400000000%7C0
.zemanta.com/ Name: zuid
Value: 7mKvh01et_z87zKDqQlO
.linkedin.com/ Name: bcookie
Value: "v=2&5f667775-071e-4c60-8649-705c421df535"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3163:u=1:x=1:i=1706433070:t=1706519470:v=2:sig=AQH85mm6g599SlbdTqwaMPA1TZWGgkky"
.mfadsrvr.com/ Name: tuuid
Value: 6e45622f-531d-4580-b474-584bc3a5b36b
.mfadsrvr.com/ Name: c
Value: 1706433070
.mfadsrvr.com/ Name: tuuid_lu
Value: 1706433070
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.openx.net/ Name: i
Value: 7ec93c94-5b5a-48a8-90a4-bd5d1acbf355|1706433070
.teads.tv/ Name: tt_viewer
Value: 6183cafd-d5d4-420f-9a99-8cea67f5f9da
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJ85bsj6fwdS3p5jkthfJEE2gxZPmW3l2NserUFwPyYSEHwYBCCutNitBjABOgQ7vvenQgRkx46X.xydY2GT5AODRxa2d97S0SOpNVY1HVggQY0Xk%2FZAFvm4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJ85bsj6fwdS3p5jkthfJEE2gxZPmW3l2NserUFwPyYSEHwYBCCutNitBjABOgQ7vvenQgRkx46X.xydY2GT5AODRxa2d97S0SOpNVY1HVggQY0Xk%2FZAFvm4
.mediago.io/ Name: __mguid_
Value: 09dd4f7eecaa4ac72n3all00lrxa6w9q
.adform.net/ Name: C
Value: 1
.pangle-ads.com/ Name: _pangle
Value: 2bZqhocrx5o8dTWsH2BElmFfrFf
.yahoo.com/ Name: A3
Value: d=AQABBC4atmUCELj77y0AEnbIx5JH3XyVzj0FEgEBAQFrt2W_ZQAAAAAA_eMAAA&S=AQAAAqnujMbTqYRLDDKTSY66zi4
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6B0341D5-E057-4911-AE9B-23ADD9A00FDD
.mfadsrvr.com/ Name: ssh
Value: !google,1706433070
.adform.net/ Name: uid
Value: 8066952756971668964
.csync.loopme.me/ Name: viewer_token
Value: ab95fcff-38e0-427e-baa4-4f6da99ecd63
.adkernel.com/ Name: ADKUID
Value: A376228467116696185
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A376228467116696185
cs.chocolateplatform.com/ Name: sp_cookie
Value: sp-0e3fe045f57147d3ad847886035474db
.id5-sync.com/ Name: id5
Value: 42980968-1c1c-7935-bd19-aaf754b73bea#1706433071438#2
.id5-sync.com/ Name: 3pi
Value:
.send.microad.jp/ Name: TR
Value: 35ea7d90236090e643377ce3a292e3338c1aa77f569aa88a
.googleadservices.com/ Name: ar_debug
Value: 1
.neural40.cdnwebcloud.com/ Name: n_one
Value: 2e3b1a96-bdbd-11ee-aa87-0242ac110002
.openx.net/ Name: pd
Value: v2|1706433074|vMgavPkWgyiK
.adsrvr.org/ Name: TDID
Value: efadb6a8-8b68-4dc4-8bd3-eef906158ae5
sitchu.com.au/ Name: pbjs_unifiedID
Value: %7B%22TDID%22%3A%22efadb6a8-8b68-4dc4-8bd3-eef906158ae5%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-28T09%3A11%3A14%22%7D
sitchu.com.au/ Name: pbjs_unifiedID_cst
Value: zix7LPQsHA%3D%3D
.sitchu.com.au/ Name: __li_idex_cache2_InByZWJpZC9hbnk_ZHVpZD04ZGM2NWI0YjIxNWUtLTAxaG43bmNlaHZxdzE2bXhlNjEwZ3A4M2h3JnJlc29sdmU9bm9uSWQi
Value: %7B%22nonId%22%3A%22F8KiTX-TquaqnneN8bEt_hajd-ecVx94AjFOPw%22%7D
.sitchu.com.au/ Name: __li_idex_cache2_InByZWJpZC9hbnk_ZHVpZD04ZGM2NWI0YjIxNWUtLTAxaG43bmNlaHZxdzE2bXhlNjEwZ3A4M2h3JnJlc29sdmU9bm9uSWQi_meta
Value: %7B%22w%22%3A1706433074632%2C%22e%22%3A1706519474000%7D
sitchu.com.au/ Name: pbjs_li_nonid
Value: %7B%22nonId%22%3A%22F8KiTX-TquaqnneN8bEt_hajd-ecVx94AjFOPw%22%7D
sitchu.com.au/ Name: pbjs_li_nonid_cst
Value: zix7LPQsHA%3D%3D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 2997a1341f30a1d21a68e75b6ed4bb77
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMLK0NE80NDYxTDM2SDRMMTJMNLNINTdNMktNMUlKMjdnAILUbVJGIBoKAELfChY%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI3SZlBKSgAAASNAFo"
.sitchu.com.au/ Name: panoramaId_expiry
Value: 1706519474575
.sitchu.com.au/ Name: _cc_id
Value: 2997a1341f30a1d21a68e75b6ed4bb77
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjSt7Tz-frPPBAFOAE.
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZbYaMgAArhmbHABK
.openx.net/ Name: univ_id
Value: 537072971|efadb6a8-8b68-4dc4-8bd3-eef906158ae5|1706433074800504
.amazon-adsystem.com/ Name: ad-id
Value: A0h7zLR6JkTYgRmbyzTQrrc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

5 Console Messages

Source Level URL
Text
javascript error URL: https://sitchu.com.au/entertaining/australian-pre-mixed-cocktails
Message:
Access to fetch at 'https://pubfeed-edge.linkby.com/t' from origin 'https://sitchu.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://pubfeed-edge.linkby.com/t
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://connect.facebook.net/signals/config/195830720844844?v=2.9.143&r=stable&domain=sitchu.com.au&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 105)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEAOXHlXXwbV6axTJzXYjuVU&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6c9638060427ed086687d9eed897672e.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.avads.net
ads.rubiconproject.com
ads.yieldmo.com
aid.send.microad.jp
analytics.google.com
analytics.pangle-ads.com
applets.ebxcdn.com
assets.pinterest.com
b1sync.zemanta.com
bidder.criteo.com
bucket.cdnwebcloud.com
c1.adform.net
capi.connatix.com
cdn.jsdelivr.net
cdn.oribi.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
cs.chocolateplatform.com
csync.loopme.me
ct.pinterest.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gtrace.mediago.io
gum.criteo.com
hb.yahoo.net
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idx.liadm.com
image6.pubmatic.com
interplaymedia-d.openx.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
log.pinterest.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
neural40.cdnwebcloud.com
onetag-sys.com
p.skimresources.com
pagead2.googlesyndication.com
partners.tremorhub.com
pixel.rubiconproject.com
polyfill.io
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
pubfeed-edge.linkby.com
pubfeed.linkby.com
px.ads.linkedin.com
r.skimresources.com
rp.liadm.com
rp4.liadm.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s.pinimg.com
s.skimresources.com
s0.2mdn.net
s7.addthis.com
script.hotjar.com
secure.adnxs.com
securepubads.g.doubleclick.net
sgdbs6pn.r.eu-west-1.awstrack.me
sitchu.com.au
ssum-sec.casalemedia.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.inmobi.com
sync.ipredictive.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
t.skimresources.com
t.teads.tv
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
us-u.openx.net
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
hb.yahoo.net
pubfeed-edge.linkby.com
sync.search.spotxchange.com
104.18.36.155
104.18.41.104
104.87.85.54
13.107.226.40
13.225.195.128
13.225.195.69
13.32.151.24
142.251.163.154
147.75.198.144
15.197.193.217
151.101.1.108
151.101.128.84
151.101.2.49
151.139.128.10
159.203.145.121
162.19.138.82
162.19.138.83
172.253.115.155
172.253.62.148
172.253.63.155
172.64.149.180
172.64.151.101
173.223.163.208
174.137.133.49
18.208.74.217
18.211.142.103
18.235.96.255
184.84.137.62
185.167.164.39
20.127.253.7
2001:4860:4802:34::181
202.233.84.1
23.0.25.37
23.196.74.139
23.50.125.215
23.50.125.47
2600:1408:5400:392::1931
2600:1f18:4e9:5a02:e9de:ec19:65e0:9ea1
2600:1f18:612b:4280:c452:8a8b:24f9:dc81
2600:1f18:730:b110:7999:6675:b6e4:df3f
2600:9000:2191:3200:13:c079:7880:93a1
2602:803:c002:200::32
2606:4700:20::681a:97b
2606:4700:20::ac43:4b21
2606:4700:3034::ac43:d4ac
2606:4700::6811:190e
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::69
2607:f8b0:4004:c06::71
2607:f8b0:4004:c06::84
2607:f8b0:4004:c06::94
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::61
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c0b::9a
2607:f8b0:4004:c1b::64
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1d::5e
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:1ec:21::14
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:800::282
2a04:4e42::485
3.215.237.92
34.242.10.31
34.247.179.217
34.96.105.8
34.98.64.218
35.186.253.211
35.190.59.101
35.190.91.160
35.201.67.47
35.205.207.25
35.207.24.140
35.208.249.213
35.214.167.88
44.218.235.8
50.31.142.95
51.222.239.232
52.223.22.214
52.46.128.147
52.87.109.38
54.152.50.166
54.156.106.93
54.157.238.89
54.192.51.120
54.210.6.32
67.220.226.233
68.67.181.211
74.119.119.139
74.119.119.150
8.28.7.81
8.43.72.97
8.43.72.98
005fdfd3685a6dea398449f326f814f2e6de5e7133107b981a90b4e95584f72f
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
03d4b4af65e26ec3c9a8bf4f59f97a59e5b635065f3440f56a1ce2e59b0f7129
070a43606fd41106eddc18d4b8f9e8a61b1fc6ab016db86a51e6d9d84725e084
08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0de3bee4541d2a7407d5c84a4ca1b493b6be210a050afe7ef627deaf4d09ab7c
0e1830495ca7995e0749aec0797b8b9337ee1bb84c87e5fd5a83f1500e53ca40
119fa857acfc0042b09f8b1014786ba4b258d4878f2224c9c9c79466b15078aa
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1494fc9c9b96b642fc5080a6d4cf1c67f756f2d39f572e8bec11f85f50816300
15e21f72c9966cab46d76ee4b8fba118421dfb34dd67dbf2eef5b88d1b5e192d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
19b988d0f8f0e1c99983821e19ff56c5be742fcaca8437e03790db7b1aee93fc
1a70dbfb77425fbfcb960ae4bc0c61ca9ebd4efa26be65f3b3a8581ab5f38fd1
1f0368747e7f0178522953237eac8d3ddb7b0bf6603197175f87d8f550dacc8d
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
214444db74a1bb91efc8fdf7e4b6643f9b7182ca78fc43fe09e4746cc8ee5bee
22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1
2505df2707dd8fd2956fdb14ebec64050ce636df06f999cf04ba0ae1d1bdf475
28322f192e91e4154e6b87257070155a3d45e5dd5c77baeff3eac8c4e53700a2
29146175d67a90b39f14ce156498ccbb98cfcacf90bde241d72fe229ff770b77
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2aa682dee831fcc38b0cdc075022905f33102bfba6e53c4bdf53a47b79a4156b
2ec247a1b2275254c5400d53d5247110431bbf8579dc10dbbd4bade989731a67
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
30f626b7d89b4a108dea23a3840cb1f923334a36f485ebcc8075f06a79904cbb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ecdf42bc9232474c0c30f77d3b885b66d8c7f8b6ab1b52f51fa388b71a56d1
346f105886f8284a2307f7091610015f26348d7d286058ce967c01375847f5c8
359c434bb9040993aee695d1bc51dcdd0a1bb79d6e74ddf17da16e9bc4405ce0
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3872834c221af290619172524f3381c7d3680d25285b012373541ffa0ba7fa7b
38a0a3a58c0c1be90e6210105ee40bc5d6a097f0c09c25bfc1be017fec24702e
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d
3949e8c3f19db5278eba34665274221d5a7e8793529b8e99617237dc77e5a47d
3b08c7eb7ffd69d0f8be6530e551e116ec28be986094324bbc977d8ca81c19f1
3b338fbf485bc1725762943bf71cdd9eddb360f2c3490aa8b8d927a4521df315
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e731128d037561a0c97ab9a68781f7d0c74c8741239ae4b87f1b16859d37cd4
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42535129e8e2fe1e5d114cad3d5eb75d62ef43c5db564d108d7a09b19612f7f3
432c44c94186870826f56a7ecc040cbc4ae8e9eff1e7132dfd4a223fa4757b50
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e81482a58ff82f29af0e4448ba80104d539d344ae645737b86b5764b4c2800
45565342518890a25b46dee5e726ad773917bfcc17dab19f4d6455f4a4b9c722
455bc018a3976969625a41951ddaf748bdabd8c08197a7dbd8e55e775faa7ac6
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47f9f9a25546e55e8c53d8b2142dccfa4420bf799a6e97af1e5866184761e9ac
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df1806ac4b2f3bc541bff7f263eb1e605447f9c73576d9b6dc2348e9a4a6165
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52843081ed86c80245ce48bf3373f8535fd3dd90bcb0d67f5e27624e1606efee
53c979baa68c9b4fcd97af1e6cb20df6991400f3f2a59c67af3b9758aa4b702b
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
5561b69e6df580176b0a8021f1b0e8950134b17f910d5f4902d50194e8aed3ab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58124f5d03982a049dd24f8a4a9ad1f30aa532d427394b51e784ccda9eebdb0c
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
589f17b5843d8c636990b9e4b668ef49a62056bc5f4439174906ca2424ccdd09
59e2a9cfe376bad82a6c11e2cad296a51950fe7a1342723d4766e6b02431f0f5
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5e57adf59378cad4916f5e731188e2bf2c246ccc0300dfee7577d61e3f1f0492
5eb2ea13e177269cb95cd5497443c659d11864331e3ad9bc0aeb562826fff36f
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
60416bd1acf530fc20c719e59d5d1f6da639d84d2207e301f614313806f27abe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d101801c1f9fdd8dddd032ea43c62fe911ddc06914c77ac8928b603f34c2e5
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d934fbd80a29a2e9a36e213caf54cc8e50e1023918da96e25ff8e96b55b3f4
6c63f712003edea05c69ddf2f9e469caed45882c33ebd1a154c712d0d15306c8
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6e8fa03ab596e71d025d9e2d7d4436d63820e1389c166ba4efceb31fb12928cc
6fe72f0325988c0cd0a95980e39a736390a3df7ef4bd036a27caf5d7ef7ff4b7
7316c9f4d49e26236b93f844761720c06a1e9a32de4eea83678381e3237e0947
73f6add564f8d8c794d4b1bd49749c1770990b44616591ea59ce7333cf05a574
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0
74653656581433002feaf65fc867dd9c4e984f9b20cfb07b0a5861cc4d57bf42
749c93c9b1c73c6882983673ac410bbb423b38ca2b915bfea9db74b4adfe2328
74b2262e2167995731797e377d48c41693f3c40e0271c33afc614f4de36662f9
79ab008ce8a2bc168eb11ece8d16e98847ff18b4308870a9c67dda2562f464a8
7a75d93e6abbf43570678523d28c87cafec18c31a61386915c511526e44c2f3d
7aded4b6fa758811cf06cf7ef6fb9478f1ab7481d62019afd68c244043868fbb
8015a89c7e50b71a6597cfc7bc2be462212ae1f57c37e40878a79e7550768ccd
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8788c5e11fcbe23813fdd727053b5311df2f922c7c2b76f318ce28409186910f
87f711a390809f6bef5c99ad1aa5456a08884e4ea31e3b485b6489709a58acf1
8914a15fb38f5f4e87b7cdb9ec68da9800afc7bbdbc04f1e76d48ffacb5f4aee
894e03b86d6f28a3c4ca1e370e9193dfb8af69215afd79a06a101279c454c4c4
8acdb8f5013444fc75a7f5138c7e1c35d12dbc6b45aad3ca144b94cf36588d13
8bd8becbff89b3eb57b3a6436955f9df5cab6e74db98ca1b6cdc7aa08875939a
8ec1354cc3f6369a90643d5de621f814996a62d6bf0635f60243928724ceb762
8ef5f3aeb4d51b6959d7b6ed733ef739b8e5547c00dfbfeac5d28d02f5f7198e
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91a08156cbe6d7ab937b8d779a7f83dbdfaaf9cebc8ef1057ae2e8d4fd0e29fe
93c5f44f6a03bd25863a6c4926d13cc937cbf029959de321611c74558b83686e
946544050aff51e47957742b6abb577879a4e376c7cb0bc9f6c3cfb86f40012e
94832ccc793a73db3129e5007f4b6afe98f96e563a5e38fe10193ac2141c687a
95518cddc4928e415c3ce1757d92d34522b3252d6cd1d6806d717edbb3eb80ae
95601b37f52a987327d696dbc9967bd4ca5f395bc30f85e44688dd0b5b11f7ca
98844050600b451536765c57fd68067fa7ce87e3e56d1fb3d910b8295476a0ca
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9d5418cd2aadd794dee573972191418cd3e9718312ec7890235dc2a15533f6f8
9e734d625964362a28120f3b4d5cfe5480839c8b5f2760d0f2c397b50c0d1c25
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a1d88e8b8af499c450916cb436c5bde6bdce2ca60be07720de8b10766b00c10b
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a47ca510e702a8bb97e5fdf139d5fc1b038e1613bba446a49905dbd653e8f028
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7fb0b00e340d96b1ef45b37b502f615d0332871d571ea5aca32d691d55319ed
a85012778e30f940eac45b05c1d43e32d0521f9709b3a2baeb8e4168b057f1f0
a8a3678d1cbd42068f43cfa92a182abb14841eece5b09c97a52e85fe210aae98
a933bc182f855ae9658a4d7ba6cdc8c242346f48119329d6f722a193894288ad
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abca060232f144f04c4e4d3546e2fc8c79cc2ba0e0ee64d28717b620e1404589
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2
ac48f5437335e7f5181805b97f44084fb92bd31c9e4e2f454b1d558328501379
ace259e3982f650bcefd30c745406e84774581082c5cb04a831befeba3577008
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afcd6ebf6cf7124e138218f69982d6c9ca1820345967c9263d243dbf5631d204
b1287a70a406f1c2408bb506f35f2bb22a7d64d68ad6ab0844e6db1ca358aafc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27b4b60b3e60991da0a05e106deed8ccd6f375938eb6e0ca50f4ab947b07434
be3291eb66d4513d5b162742f39c532cec84790122d5ff978db50ff2d7fc1525
bfce4c0391113cf5a77f4fd80b62e9926609d8747fce84615bc2d4cd5a391a01
bfe4be9ea91a5b4a8a17b46bffd3607dec62ef462cd582f384b7398f36947ba5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c389ae49082133005cbd002d4b8a7758f18d7b80796db16b065690e67456eda6
c3fa715a02d084b01f65b26cf38ec6bba93102a4831987d203295ffe38a788ec
c4176e1fc46c0f83489ebe75400171a7c8ce7418b20c2dc561fb710155324033
c47589e45f8daa3988494b038d9f6892108ea50d153b6b9085f2ba3843643fb4
c590dee405623c2daf174bd7302bfd61fd792b0261b2187d4ca2871272c4f604
c74a455889b324930dab4cabc50cc2df7133de55cdbaf539784c1ac5a300aefc
c7e738e72e6200beb9a5c3494e53eded8832687985d14e0a1726ec87056489f5
c9ef001654c00e8a76aa2ddcfcaf6717f22cc5f16f2dce85f0656fb8e5371b3a
cbbd6285bb18a8c92cc59574c958877754850f795f0f4dad205c79fd21d1d467
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce82c3639ea8b6e23e7b5500c60fc2985b33efd727b3600e5a59730c36891578
d3077011765285f6ffa716441507ef1538a722e0f5f16c86296ff966f31323d3
d40eae5a0305754ca9eab8fa2f9f94d52194c8e1f74fde91c51de5557ef785c6
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5f34e13552fb06a8c2920977b48ffc70e94d3e0df8f1b22eb9f006263280eec
d66a9e827146c7cffff75212032752172352dc9eca81efe3ff413eb9e008f73a
dc005d3b13a64f4cf4e396591d296112ec15827ffacf6c4dce6d65196d92f3d6
dc75f2706fb7e4032788cfce2022c9be9325316feec7b446d266333dd2341651
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd3b05151a16ad486f5d69bf946694e2a1f7f4dea72ce9088a5144d6c922d9d2
ddaa3b79f5c29441f8a66d1e929cc07f7f78244a5b8478f567f85cd130bc6614
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decfb6b65c936cb4e06e0d666c00db86f3c7a967686d2754c900cd86dca5e1c7
dff8be87b88dca2f9d4421f450f67b55d9173ebe620cbede5a93653c1587d138
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59336afb66547cc153b095bcc84b5451a5245fca489232bb29602ba84b6a72a
e7c535909ce3e6ac5c1728cce25a9c1de1c28bbd8e505ae71b74db66e3a9d841
e7e3fe6dce2265f8226a04225e24dfd295c2902a02c3db3f11f0bc4388038dbc
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
e99a8a063369005584285f4f0457211cfde5eb4f51d834c07e19bd711ab40adf
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0580f34f6b172c069980806a236823b1ccc356df21a5878782eee7fa73c860
ee0d4cf5856eacfa3afbf61f98294d6becb3ee6a3cf5a9fb91fc260a5d84c5ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f2451b3cd1f46d7596e57030f4c731c454c8bc80f1dd720c83b13fd8c04d747e
f2966780d964488ce801cd252ec0fcfc01281842f3b8302a6efa22d9ef308d10
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5f6d7bffcab0093129bfab94fc42ad82ed68a9d921d65c59b09962214a78dce
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f893329df2f38b535023689dc8f6a9b5e6e906abaf1ebc723fe986360cc0013d
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
fe54bd43a49778844f11620aa0d691ae03aeb0770eaaa270a24b7f9737b9da1e