www.couriermail.com.au Open in urlscan Pro
23.195.152.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress/news...
Effective URL:
https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fq...
Submission: On December 07 via manual (December 7th 2022, 8:15:53 am UTC) from AU — Scanned from AU

Summary HTTP 337 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 77 IPs in 8 countries across 53 domains to perform 337 HTTP transactions. The main IP is 23.195.152.111, located in Singapore, Singapore and belongs to AKAMAI-AS, US. The main domain is www.couriermail.com.au. The Cisco Umbrella rank of the primary domain is 195014.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.

This is the only time www.couriermail.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 13	23.195.152.111 23.195.152.111	16625 (AKAMAI-AS) (AKAMAI-AS)
2 10	23.195.152.191 23.195.152.191	16625 (AKAMAI-AS) (AKAMAI-AS)
22	192.0.66.58 192.0.66.58	2635 (AUTOMATTIC) (AUTOMATTIC)
5	96.16.116.178 96.16.116.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	96.16.116.196 96.16.116.196	16625 (AKAMAI-AS) (AKAMAI-AS)
19	104.84.196.155 104.84.196.155	16625 (AKAMAI-AS) (AKAMAI-AS)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	23.9.177.173 23.9.177.173	16625 (AKAMAI-AS) (AKAMAI-AS)
9	13.35.8.34 13.35.8.34	16509 (AMAZON-02) (AMAZON-02)
1	34.196.212.12 34.196.212.12	14618 (AMAZON-AES) (AMAZON-AES)
11	54.186.170.143 54.186.170.143	16509 (AMAZON-02) (AMAZON-02)
1	52.35.21.164 52.35.21.164	16509 (AMAZON-02) (AMAZON-02)
1	63.140.36.139 63.140.36.139	16509 (AMAZON-02) (AMAZON-02)
1 1	52.76.102.190 52.76.102.190	16509 (AMAZON-02) (AMAZON-02)
2 4	104.254.150.228 104.254.150.228	29990 (ASN-APPNEX) (ASN-APPNEX)
14	13.33.33.55 13.33.33.55	16509 (AMAZON-02) (AMAZON-02)
1 1	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
2 4	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
9 16	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
4	74.125.68.156 74.125.68.156	15169 (GOOGLE) (GOOGLE)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1	18.155.68.45 18.155.68.45	16509 (AMAZON-02) (AMAZON-02)
1 10	142.251.10.100 142.251.10.100	15169 (GOOGLE) (GOOGLE)
9 17	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	23.72.44.196 23.72.44.196	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.192.150.4 54.192.150.4	16509 (AMAZON-02) (AMAZON-02)
2	184.28.235.216 184.28.235.216	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.35.14.254 13.35.14.254	16509 (AMAZON-02) (AMAZON-02)
3	13.35.8.99 13.35.8.99	16509 (AMAZON-02) (AMAZON-02)
1 1	199.127.207.182 199.127.207.182	26120 (RHYTHMONE) (RHYTHMONE)
2 2	18.141.80.142 18.141.80.142	16509 (AMAZON-02) (AMAZON-02)
1 1	52.206.63.211 52.206.63.211	14618 (AMAZON-AES) (AMAZON-AES)
1	52.26.190.74 52.26.190.74	16509 (AMAZON-02) (AMAZON-02)
1 1	23.8.97.76 23.8.97.76	16625 (AKAMAI-AS) (AKAMAI-AS)
6 16	142.250.4.104 142.250.4.104	15169 (GOOGLE) (GOOGLE)
12	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
8 8	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
33	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	142.251.12.92 142.251.12.92	15169 (GOOGLE) (GOOGLE)
2	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	63.140.36.117 63.140.36.117	16509 (AMAZON-02) (AMAZON-02)
1	18.155.68.56 18.155.68.56	16509 (AMAZON-02) (AMAZON-02)
2	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
2 3	103.231.98.194 103.231.98.194	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	103.71.26.125 103.71.26.125	132134 (SPOTX-AS-...) (SPOTX-AS-AP SpotXchange)
1	142.250.4.154 142.250.4.154	15169 (GOOGLE) (GOOGLE)
4	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
4	142.251.10.155 142.251.10.155	15169 (GOOGLE) (GOOGLE)
1	74.125.24.132 74.125.24.132	15169 (GOOGLE) (GOOGLE)
1	13.228.68.255 13.228.68.255	16509 (AMAZON-02) (AMAZON-02)
2 2	107.178.244.193 107.178.244.193	15169 (GOOGLE) (GOOGLE)
2	54.169.248.180 54.169.248.180	16509 (AMAZON-02) (AMAZON-02)
1	54.192.150.103 54.192.150.103	16509 (AMAZON-02) (AMAZON-02)
16	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	44.240.64.178 44.240.64.178	16509 (AMAZON-02) (AMAZON-02)
1	74.118.186.44 74.118.186.44	26120 (RHYTHMONE) (RHYTHMONE)
3	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
4	3.105.99.156 3.105.99.156	16509 (AMAZON-02) (AMAZON-02)
1	18.155.68.80 18.155.68.80	16509 (AMAZON-02) (AMAZON-02)
1	13.35.8.86 13.35.8.86	16509 (AMAZON-02) (AMAZON-02)
3	172.253.118.132 172.253.118.132	15169 (GOOGLE) (GOOGLE)
1	13.251.75.90 13.251.75.90	16509 (AMAZON-02) (AMAZON-02)
4	52.84.228.218 52.84.228.218	16509 (AMAZON-02) (AMAZON-02)
4	74.125.24.97 74.125.24.97	15169 (GOOGLE) (GOOGLE)
1	199.232.44.157 199.232.44.157	54113 (FASTLY) (FASTLY)
1	42.99.140.192 42.99.140.192	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2	106.10.236.37 106.10.236.37	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
3 6	172.217.194.149 172.217.194.149	15169 (GOOGLE) (GOOGLE)
5	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
6 6	52.74.162.2 52.74.162.2	16509 (AMAZON-02) (AMAZON-02)
2	106.10.236.146 106.10.236.146	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
3	104.254.151.68 104.254.151.68	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
20	172.217.194.100 172.217.194.100	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	13.35.8.26 13.35.8.26	16509 (AMAZON-02) (AMAZON-02)
4 4	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.100.194 104.18.100.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
3	3.73.8.30 3.73.8.30	16509 (AMAZON-02) (AMAZON-02)
337	77

13 23.195.152.111 (Singapore, Singapore) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-111.deploy.static.akamaitechnologies.com

www.couriermail.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
commerceapi.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.195.152.191 (Singapore, Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-191.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 192.0.66.58 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

dsf.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 96.16.116.178 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-116-178.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.116.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-116-196.deploy.static.akamaitechnologies.com

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.84.196.155 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-196-155.deploy.static.akamaitechnologies.com

subscriptions.couriermail.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.9.177.173 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-177-173.deploy.static.akamaitechnologies.com

a20352597942.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.35.8.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-34.sin5.r.cloudfront.net

subscriptions.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.212.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-212-12.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.186.170.143 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-170-143.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.21.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-21-164.us-west-2.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.36.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-139.data.adobedc.net

newscorpau.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.102.190 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-102-190.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.150.228 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.33.33.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-55.sin2.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.158.64 (Singapore, Singapore) 2 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.12.154 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-45.sin52.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.10.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f100.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.71.131.137 (United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.192.150.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-4.sin2.r.cloudfront.net

au-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.28.235.216 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-28-235-216.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.14.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-14-254.sin5.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.8.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-99.sin5.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.182 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.141.80.142 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.63.211 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-63-211.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.26.190.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-190-74.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.8.97.76 (Singapore, Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-8-97-76.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.4.104 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: sm-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.12.92 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-117.data.adobedc.net

metrics.couriermail.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-56.sin52.r.cloudfront.net

rm-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.231.98.194 (Japan) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.71.26.125 (Singapore, Singapore) 1 redirects

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net

9d0491d1fa772dbd92de3c6053a9f1cb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.68.255 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-68-255.ap-southeast-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.193 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.169.248.180 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-248-180.ap-southeast-1.compute.amazonaws.com

secure-sdk.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-103.sin2.r.cloudfront.net

pjskdfjym4egiv3p7onxajyuobcpa1670400942.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.64.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-64-178.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.105.99.156 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-99-156.ap-southeast-2.compute.amazonaws.com

au.pixel.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-80.sin52.r.cloudfront.net

ncg.tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.8.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-86.sin5.r.cloudfront.net

au.audience.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.251.75.90 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-75-90.ap-southeast-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.44.157 (Singapore, Singapore)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.192 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-192.pacnet.net

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 106.10.236.37 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: o1.ycpi.vip.sg3.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.194.149 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net

8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.74.162.2 (Singapore, Singapore) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 106.10.236.146 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spdc.pbp.vip.sg3.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.194.100 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f100.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.8.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-26.sin5.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.100.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.73.8.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-8-30.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	google.com 7 redirects news.google.com — Cisco Umbrella Rank: 6005 www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2771 adservice.google.com — Cisco Umbrella Rank: 87 play.google.com — Cisco Umbrella Rank: 28	502 KB
49	stripe.com js.stripe.com — Cisco Umbrella Rank: 1203 q.stripe.com — Cisco Umbrella Rank: 7246 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 6680 m.stripe.com — Cisco Umbrella Rank: 1181 r.stripe.com — Cisco Umbrella Rank: 4565	428 KB
27	couriermail.com.au 5 redirects www.couriermail.com.au — Cisco Umbrella Rank: 195014 subscriptions.couriermail.com.au metrics.couriermail.com.au	647 KB
26	doubleclick.net 12 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 234 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 8228261.fls.doubleclick.net — Cisco Umbrella Rank: 255612	169 KB
26	newscorpaustralia.com dsf.newscorpaustralia.com — Cisco Umbrella Rank: 579705 login.newscorpaustralia.com — Cisco Umbrella Rank: 181641	493 KB
22	news.com.au 2 redirects tags.news.com.au — Cisco Umbrella Rank: 53819 subscriptions.news.com.au — Cisco Umbrella Rank: 785810 ncg.tags.news.com.au — Cisco Umbrella Rank: 175389 commerceapi.news.com.au — Cisco Umbrella Rank: 862407	419 KB
21	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 364 js.adsrvr.org — Cisco Umbrella Rank: 1473 insight.adsrvr.org — Cisco Umbrella Rank: 611	19 KB
19	gstatic.com www.gstatic.com fonts.gstatic.com	672 KB
13	google.com.au www.google.com.au — Cisco Umbrella Rank: 20965 adservice.google.com.au — Cisco Umbrella Rank: 71188	2 KB
12	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 222 newscorpau.demdex.net — Cisco Umbrella Rank: 130382	16 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1131 sync-tm.everesttech.net — Cisco Umbrella Rank: 638	2 KB
8	yahoo.com 6 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 317 sp.analytics.yahoo.com — Cisco Umbrella Rank: 1253	2 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 9d0491d1fa772dbd92de3c6053a9f1cb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 144	42 KB
8	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 acdn.adnxs.com — Cisco Umbrella Rank: 627 secure.adnxs.com — Cisco Umbrella Rank: 486	10 KB
6	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 991	2 KB
6	imrworldwide.com cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2280 secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6542 pjskdfjym4egiv3p7onxajyuobcpa1670400942.nuid.imrworldwide.com	68 KB
6	serving-sys.com secure-ds.serving-sys.com — Cisco Umbrella Rank: 2495 bs.serving-sys.com — Cisco Umbrella Rank: 1365 lm.serving-sys.com — Cisco Umbrella Rank: 2388	28 KB
6	newscgp.com au.tags.newscgp.com — Cisco Umbrella Rank: 148909 au.pixel.newscgp.com — Cisco Umbrella Rank: 213449 au.audience.newscgp.com — Cisco Umbrella Rank: 235190	49 KB
5	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 170	38 KB
5	dotmetrics.net au-script.dotmetrics.net — Cisco Umbrella Rank: 51803 rm-script.dotmetrics.net — Cisco Umbrella Rank: 5309	41 KB
5	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 969	18 KB
4	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 458 www.linkedin.com — Cisco Umbrella Rank: 640	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	208 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	926 B
4	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1475 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588	3 KB
4	pubmatic.com 2 redirects image5.pubmatic.com — Cisco Umbrella Rank: 96294 image2.pubmatic.com — Cisco Umbrella Rank: 1051 simage2.pubmatic.com — Cisco Umbrella Rank: 723	889 B
4	rubiconproject.com 2 redirects token.rubiconproject.com — Cisco Umbrella Rank: 615 pixel.rubiconproject.com — Cisco Umbrella Rank: 351	3 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 322	2 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 756 a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 829209 logx.optimizely.com — Cisco Umbrella Rank: 1319	91 KB
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 592	488 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1122	367 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 499	7 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 496	713 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 620	1 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 468	381 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1262	17 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1437 beacon.krxd.net — Cisco Umbrella Rank: 601	529 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1083	1 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 968	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	112 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3051 pixel.wp.com — Cisco Umbrella Rank: 2711	3 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 613	396 B
1	t.co t.co — Cisco Umbrella Rank: 511	379 B
1	mookie1.com au-gmtdmp.mookie1.com — Cisco Umbrella Rank: 372839	639 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 967	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 550	99 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 735	378 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 575	502 B
1	scanscout.com 1 redirects dt.scanscout.com — Cisco Umbrella Rank: 35236	698 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1277	402 B
1	omtrdc.net newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 253199	272 B
1	api.news content.api.news — Cisco Umbrella Rank: 67964	38 KB
337	53

	Domain	Requested by
25	r.stripe.com	js.stripe.com
22	dsf.newscorpaustralia.com	www.couriermail.com.au dsf.newscorpaustralia.com subscriptions.couriermail.com.au
20	play.google.com	www.gstatic.com
16	www.gstatic.com	news.google.com pay.google.com www.gstatic.com www.google.com
16	www.google.com	6 redirects subscriptions.couriermail.com.au www.couriermail.com.au tpc.googlesyndication.com www.gstatic.com www.google.com
15	subscriptions.couriermail.com.au	www.couriermail.com.au subscriptions.couriermail.com.au
14	js.stripe.com	subscriptions.couriermail.com.au js.stripe.com
12	www.google.com.au	www.couriermail.com.au
12	googleads.g.doubleclick.net	6 redirects www.googleadservices.com www.googletagmanager.com
11	match.adsrvr.org	5 redirects www.couriermail.com.au js.adsrvr.org
11	dpm.demdex.net	tags.news.com.au www.couriermail.com.au
10	news.google.com	1 redirects subscriptions.couriermail.com.au news.google.com www.couriermail.com.au www.gstatic.com
10	tags.news.com.au	2 redirects tags.tiqcdn.com au.tags.newscgp.com
10	www.couriermail.com.au	5 redirects www.couriermail.com.au subscriptions.couriermail.com.au
9	subscriptions.news.com.au	client subscriptions.news.com.au
8	q.stripe.com	www.couriermail.com.au
8	sync-tm.everesttech.net	8 redirects
6	ups.analytics.yahoo.com	6 redirects
6	insight.adsrvr.org	4 redirects js.adsrvr.org
6	8228261.fls.doubleclick.net	3 redirects www.couriermail.com.au
6	tr.snapchat.com	1 redirects sc-static.net
5	www.googleadservices.com	secure-ds.serving-sys.com www.googletagmanager.com
5	tags.tiqcdn.com	www.couriermail.com.au subscriptions.couriermail.com.au tags.tiqcdn.com
4	www.googletagmanager.com	secure-ds.serving-sys.com
4	js.adsrvr.org	secure-ds.serving-sys.com insight.adsrvr.org
4	au.pixel.newscgp.com	au.tags.newscgp.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	adservice.google.com	securepubads.g.doubleclick.net 8228261.fls.doubleclick.net
4	www.facebook.com
4	pay.google.com	js.stripe.com pay.google.com www.couriermail.com.au www.gstatic.com
4	au-script.dotmetrics.net	tags.news.com.au au-script.dotmetrics.net
4	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects
4	ib.adnxs.com	2 redirects www.couriermail.com.au
4	login.newscorpaustralia.com	www.couriermail.com.au login.newscorpaustralia.com
3	lm.serving-sys.com	secure-ds.serving-sys.com
3	x.bidswitch.net	2 redirects js.adsrvr.org
3	px.ads.linkedin.com	3 redirects
3	secure.adnxs.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.gstatic.com	news.google.com www.google.com
3	pixel.rubiconproject.com	2 redirects
3	cdn-gl.imrworldwide.com	tags.news.com.au cdn-gl.imrworldwide.com
2	simage2.pubmatic.com	2 redirects
2	p.adsymptotic.com	1 redirects www.couriermail.com.au
2	cdn.linkedin.oribi.io	snap.licdn.com
2	commerceapi.news.com.au	subscriptions.couriermail.com.au
2	sp.analytics.yahoo.com	www.couriermail.com.au
2	s.yimg.com	www.couriermail.com.au s.yimg.com
2	secure-sdk.imrworldwide.com
2	pixel.tapad.com	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	metrics.couriermail.com.au	tags.news.com.au
2	dsum-sec.casalemedia.com	www.couriermail.com.au
2	ps.eyeota.net	2 redirects
2	sc-static.net	tags.tiqcdn.com tr.snapchat.com
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	ssum.casalemedia.com	2 redirects
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
1	www.linkedin.com	1 redirects
1	analytics.twitter.com	www.couriermail.com.au
1	t.co	www.couriermail.com.au
1	au-gmtdmp.mookie1.com
1	acdn.adnxs.com	www.couriermail.com.au
1	snap.licdn.com	www.couriermail.com.au
1	static.ads-twitter.com	www.couriermail.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	au.audience.newscgp.com	au.tags.newscgp.com
1	ncg.tags.news.com.au	au.tags.newscgp.com
1	sync.1rx.io
1	m.stripe.com	m.stripe.network
1	trc.taboola.com
1	pjskdfjym4egiv3p7onxajyuobcpa1670400942.nuid.imrworldwide.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	9d0491d1fa772dbd92de3c6053a9f1cb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	image2.pubmatic.com
1	rm-script.dotmetrics.net
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	dt.scanscout.com	1 redirects
1	image5.pubmatic.com
1	au.tags.newscgp.com	tags.tiqcdn.com
1	token.rubiconproject.com
1	d.turn.com	1 redirects
1	pixel.wp.com	www.couriermail.com.au
1	cm.everesttech.net	1 redirects
1	newscorpau.sc.omtrdc.net	tags.news.com.au
1	newscorpau.demdex.net	tags.news.com.au
1	logx.optimizely.com	cdn.optimizely.com
1	content.api.news	www.couriermail.com.au
1	a20352597942.cdn.optimizely.com	cdn.optimizely.com
1	stats.wp.com	www.couriermail.com.au
1	cdn.optimizely.com	www.couriermail.com.au
337	97

This site contains links to these domains. Also see Links.

Domain
www.newscorpaustraliaprivacy.com
subscription.newscorpaustralia.com
myaccount.news.com.au
www.dailytelegraph.com.au
www.heraldsun.com.au
www.adelaidenow.com.au
www.cairnspost.com.au
www.geelongadvertiser.com.au
www.goldcoastbulletin.com.au
www.ntnews.com.au
www.thechronicle.com.au
www.themercury.com.au
www.townsvillebulletin.com.au
www.theaustralian.com.au
www.news.com.au
preferences.news.com.au

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
dsf.newscorpaustralia.com R3	`2022-10-28` - `2023-01-26`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-06-07`	a year	crt.sh
subscriptions.news.com.au Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
logx.optimizely.com Amazon	`2022-07-24` - `2023-08-22`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-01-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-15` - `2022-12-14`	3 months	crt.sh
au.tags.newscgp.com Amazon	`2022-01-11` - `2023-02-08`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.dotmetrics.net Amazon	`2022-09-23` - `2023-10-21`	a year	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
metrics.couriermail.com.au DigiCert TLS RSA SHA256 2020 CA1	`2022-06-17` - `2023-07-18`	a year	crt.sh
*.google.com.au GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
www.newsconnect.com.au Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
au.audience.newscgp.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-28` - `2023-01-18`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-10` - `2023-02-10`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-10` - `2023-02-10`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
lm.serving-sys.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh

This page contains 47 frames:

Primary Page: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Frame ID: 1C6C09F168B943DB757CAEDC69B88BBF
Requests: 106 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: 346B3519BD46B12D0E68A05CB950E6E3
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: B635E32B0349D020AD66D889CC8C51AF
Requests: 22 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=0v9i7KoW6MBLSfe036YSQT79zA8Zaz4Y&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.couriermail.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=z~v4oCyz73n3EECgk4ptXIz.G_RPBq0h&nonce=zqMacf1Lw7YdLZsMXVhCkSZvMmwrNSkC&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: BFCDBD8E0D78C730478C139D320CEBF4
Requests: 3 HTTP requests in this frame

Frame: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
Frame ID: 4FCD305E3A3CDCC9308C37816F4C6049
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: D040BB02407C09CFA4F75CD412373D3B
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
Frame ID: 2A4DB78159282BA75BD2DC2A1EAAE303
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-38dc4e74a2fa5e49501493e539cbe040.html
Frame ID: 145160BDFF0D53E982C9435DA6E98609
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-04d1534596bfa6fd80b5913e4938ec02.html
Frame ID: C4BDE6435D5D3D84BB4332FB95FBE948
Requests: 5 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au
Frame ID: 88C17DD7F4665542D993D209D6A0DDC0
Requests: 15 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=66b6134c-df0f-446d-ae14-dffacf328b65&u_scsid=15f625a4-a7d9-4151-817e-0c6d3866b5c6&u_sclid=f6567421-af94-4338-a68c-6b908795d653
Frame ID: FCB4E06ECDD34EBA13BFBCDE1054C936
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B50D1F4BC36D422504C9980EA97B1C48
Requests: 4 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: C282FBB4B5956F479E2395B79AFE9478
Requests: 3 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=0v9i7KoW6MBLSfe036YSQT79zA8Zaz4Y&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fsubscriptions.couriermail.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=kx-M-BQXLDAiPvDmhHV4ZLtXF6S729az&nonce=NcsFJ7uEXdHlJ155kyZTObQIxgwnKgMD&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: CE8651F270F29094D3D85A56C0FBFF50
Requests: 3 HTTP requests in this frame

Frame: https://9d0491d1fa772dbd92de3c6053a9f1cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8DDEAFA52AFB9BB85360F411B0D8F4C4
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1669839997493&pnid=140&pcid=e41ca4a4-36ac-4a2b-8b5b-12c33b289dbb
Frame ID: 5534F66539190ED0578F4C0F4C6F897B
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 58CBFF75AA6C5450156D8BB85D61A261
Requests: 16 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 1F63754C701F025FFF93D20AE008A3AA
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: C9520F0D40A808D39A6D011195FF658A
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-1004271682
Frame ID: BC9FBBC9CBB46EF64ED0A8CDBAA6508C
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-930683048
Frame ID: C481C145425D9FDA00988B4071828A09
Requests: 6 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 6376099E90C88D9089DA169C24825099
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 4ACD9FFDE9F4B4589D96E9A7804F36B1
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-694655858
Frame ID: 1E29DAC3D5EEF8932F57A795E60C83E0
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-694655858
Frame ID: CB3A0880BE233BD5C9A7D8D840310661
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: B98703B195DDB4A2994D5BEA965D4A12
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 1B72AC5C62B8CE617C250DAFD8C619B9
Requests: 2 HTTP requests in this frame

Frame: https://s.yimg.com/wi/ytc.js
Frame ID: 4352DAB119530F074F9362B059D2DE70
Requests: 3 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3G2reI5_sCFVbAcwEdGS0NXQ;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222
Frame ID: EF9B281BC5997783DB7F9EC0998B9B0C
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLPE2reI5_sCFZTOcwEdbdMJVw;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745
Frame ID: D34AD3E07DDC339C5EE7294207A6DDD6
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNyx2reI5_sCFYap2AUd0EkHqQ;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016
Frame ID: ABDB8CA620ECF90F6688EC8066EF2A13
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 6C9DA72EED890563294DB2EC58B691D0
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: CD080FB70CA52995F9338D791507363A
Requests: 4 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d422f9a6-0459-4038-bc7f-595003711543&expiration=1672992945&gdpr=0&gdpr_consent=
Frame ID: C7DD2D1AE3935A51181293C58DE4F9DC
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=
Frame ID: 8CE141988D2AE6D01D27FD8003C370A6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=
Frame ID: FDB74142802C584ADA500D116C718362
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=
Frame ID: 920854B8AFC85C8AE6F636CE580535EB
Requests: 1 HTTP requests in this frame

Frame: https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10041060&js=no&url=couriermailshopfrontpage020419
Frame ID: 62DEFD10198AA8EA59665DE2296C2E1D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=rx108zq&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&upid=dd9kam9&upv=1.1.0
Frame ID: 9DDC61EEAB5E74607BB116C6E9B15823
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&upid=b5f7l8u&upv=1.1.0
Frame ID: 913686B5E667FE9BCB3D9A72F642F120
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A98898C98C9DCE0B3319D9ACA853A60
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA2C30D2AD8BCFA0B340A907B0B6CE3C
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: 5E144C56C09CA08ABCA30879A85B3790
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: E17E510F412653AB0CF0CC5B767E0EF3
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: 2800AC4D72F40BBDC64A404F37F4F980
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d422f9a6-0459-4038-bc7f-595003711543&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Frame ID: F184E6063F269BAF83BB747CB39DC212
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmNvdXJpZXJtYWlsLmNvbS5hdTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=g19uytvqm30s
Frame ID: 84BC5EAEE57C4CBDA461B6F360B8B725
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Couriermail.com.au | Subscribe to The Courier Mail for exclusive stories

Page URL History Show full URLs

https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-tr... HTTP 302
https://www.couriermail.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.couriermail.com.au%2fnews%2fq... HTTP 302
https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-tr... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.couriermail.com.au%2fne... HTTP 302
https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-tr... HTTP 302
https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.courierma... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.couriermail.com.au%2fsu... HTTP 302
https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.courierma... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

337
Requests

90 %
HTTPS

0 %
IPv6

53
Domains

97
Subdomains

77
IPs

8
Countries

4171 kB
Transfer

11729 kB
Size

106
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://www.newscorpaustraliaprivacy.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://subscription.newscorpaustralia.com/business/subscription/SMB/?sourceCode=CMWEB_SMB500
Title: Business Subscriptions

Search URL Search Domain Scan URL

URL: https://myaccount.news.com.au/couriermail/templateCampaign?campaignId=CM_GIFT_PURCHASE
Title: View gifting offers

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: dailytelegraph.com.au

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com.au/
Title: heraldsun.com.au

Search URL Search Domain Scan URL

URL: https://www.adelaidenow.com.au/
Title: advertiser.com.au

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: cairnspost.com.au

Search URL Search Domain Scan URL

URL: https://www.geelongadvertiser.com.au/
Title: geelongadvertiser.com.au

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: goldcoastbulletin.com.au

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: ntnews.com.au

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: thechronicle.com.au

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: themercury.com.au

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: townsvillebulletin.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: theaustralian.com.au

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/privacy
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress/news-story/95b88fb3210ef44b0f6d974820d8465f HTTP 302
https://www.couriermail.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.couriermail.com.au%2fnews%2fqueensland%2f140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2fnews-story%2f95b88fb3210ef44b0f6d974820d8465f HTTP 302
https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress/news-story/95b88fb3210ef44b0f6d974820d8465f HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.couriermail.com.au%2fnews%2fqueensland%2f140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2fnews-story%2f95b88fb3210ef44b0f6d974820d8465f&16704009322026327942 HTTP 302
https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress/news-story/95b88fb3210ef44b0f6d974820d8465f?nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400933 HTTP 302
https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.couriermail.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dCMWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3danonymous%26mode%3dpremium%26v21%3ddynamic-groupb-control-noscore%26V21spcbehaviour%3dappend&16704009341297504961 HTTP 302
https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://cm.everesttech.net/cm/dd?d_uuid=82652565260608639061565516155715088628 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5BLrAAAAI2JDAMg

Request Chain 43

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4966116814420207217

Request Chain 51

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=9118216207156592077

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODI2NTI1NjUyNjA2MDg2MzkwNjE1NjU1MTYxNTU3MTUwODg2Mjg= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODI2NTI1NjUyNjA2MDg2MzkwNjE1NjU1MTYxNTU3MTUwODg2Mjg=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEL110UUr95FkYoiA0r0N94&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 70

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.couriermail.com.au&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.couriermail.com.au&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d422f9a6-0459-4038-bc7f-595003711543

Request Chain 73

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5BLrVtVqcHEgDzdQdjl-QAA%264684

Request Chain 79

https://dt.scanscout.com/ssframework/uid?UIAA=82652565260608639061565516155715088628&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-e9832293cd4071b1e92d46e6ecaaebd4

Request Chain 80

https://ps.eyeota.net/match?bid=6j5b2cv&uid=82652565260608639061565516155715088628&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=82652565260608639061565516155715088628&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 81

https://usermatch.krxd.net/um/v2?partner=adobe&id=82652565260608639061565516155715088628 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=82652565260608639061565516155715088628

Request Chain 85

https://tags.bluekai.com/site/43981?id=82652565260608639061565516155715088628&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Request Chain 87

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=3577250282 HTTP 302
https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=3577250282&ipr=y

Request Chain 92

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVCTHJBQUFBSTJKREFNZw==

Request Chain 96

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5BLrAAAAI2JDAMg&expires=90

Request Chain 100

https://news.google.com/swg/_/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au HTTP 301
https://news.google.com/swg/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au

Request Chain 117

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5BLrAAAAI2JDAMg

Request Chain 127

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Y5BLrAAAAI2JDAMg

Request Chain 131

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5BLrAAAAI2JDAMg HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y5BLrAAAAI2JDAMg

Request Chain 134

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5BLrAAAAI2JDAMg

Request Chain 139

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5BLrAAAAI2JDAMg&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5BLrAAAAI2JDAMg&img=1&__user_check__=1&sync_id=5826743a-7607-11ed-adde-11edc3220107

Request Chain 149

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5BLrAAAAI2JDAMg&t=2592000&o=0

Request Chain 150

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1670400942778&u_scsid=298656df-ed1f-4488-9ebc-c3b97f0f09b8&u_sclid=9c2b3896-a34c-4e5d-9394-ea20b5764397 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1669839997493%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1669839997493%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1669839997493&pnid=140&pcid=e41ca4a4-36ac-4a2b-8b5b-12c33b289dbb

Request Chain 218

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3G2reI5_sCFVbAcwEdGS0NXQ;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222

Request Chain 219

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLPE2reI5_sCFZTOcwEdbdMJVw;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745

Request Chain 220

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNyx2reI5_sCFYap2AUd0EkHqQ;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016

Request Chain 223

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:sci0vsk&fmt=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDQyMmY5YTYtMDQ1OS00MDM4LWJjN2YtNTk1MDAzNzExNTQz&gdpr=0&gdpr_consent=&ttd_tdid=d422f9a6-0459-4038-bc7f-595003711543 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d422f9a6-0459-4038-bc7f-595003711543&google_gid=CAESEA1Es3AWdBv7xdr5m4tduMA&google_cver=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d422f9a6-0459-4038-bc7f-595003711543&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d422f9a6-0459-4038-bc7f-595003711543&expiration=1672992945&gdpr=0&gdpr_consent=

Request Chain 224

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:n3q6464&fmt=3 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d422f9a6-0459-4038-bc7f-595003711543&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=

Request Chain 225

https://insight.adsrvr.org/track/pxl/?adv=rx108zq&ct=0:nntfz5f&fmt=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=

Request Chain 226

https://insight.adsrvr.org/track/pxl/?adv=rx108zq&ct=0:0qafetv&fmt=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=

Request Chain 275

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=822178&time=1670400945145&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=822178&time=1670400945145&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D822178%26time%3D1670400945145%26url%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fsubscribe%252Fnews%252F1%252F%253FsourceCode%253DCMWEB_WRE170_a%2526dest%253Dhttps%25253A%25252F%25252Fwww.couriermail.com.au%25252Fnews%25252Fqueensland%25252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%25252Fnews-story%25252F95b88fb3210ef44b0f6d974820d8465f%2526memtype%253Danonymous%2526mode%253Dpremium%2526v21%253Ddynamic-groupb-control-noscore%2526V21spcbehaviour%253Dappend%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=822178&time=1670400945145&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&cookiesTest=true&liSync=true HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ea413614-ce1f-4642-9a22-3c64c39bb8e7 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ea413614-ce1f-4642-9a22-3c64c39bb8e7&_expected_cookie=4f5f0e6c7ae4109653bbcdf0b9a1b728

Request Chain 304

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=d422f9a6-0459-4038-bc7f-595003711543&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

Request Chain 305

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d422f9a6-0459-4038-bc7f-595003711543&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=d422f9a6-0459-4038-bc7f-595003711543&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

Request Chain 307

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=d422f9a6-0459-4038-bc7f-595003711543&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

Request Chain 314

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004271682/?random=24569524&cv=11&fst=1670400945477&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wydnCJjn5dgBEMLw794D&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=sUuQY5S4Nfy64t4P4sqb2AQ&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aamJBZHNDcVVwUGNxekgtWWk5Rlg5V19la0pHUGljMktOUmRhZWRDVEZrSExTV1RWSW5NZ19I HTTP 302
https://www.google.com/pagead/1p-conversion/1004271682/?random=24569524&cv=11&fst=1670400945477&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wydnCJjn5dgBEMLw794D&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aamJBZHNDcVVwUGNxekgtWWk5Rlg5V19la0pHUGljMktOUmRhZWRDVEZrSExTV1RWSW5NZ19I&is_vtc=1&ocp_id=sUuQY5S4Nfy64t4P4sqb2AQ&cid=CAQSKQDq26N9CWl6C9KX86tfRiqVBdIPpotygHpMVxkh8Kqd4YQWkZHgJ54WIBM&random=3597926200 HTTP 302
https://www.google.com.au/pagead/1p-conversion/1004271682/?random=24569524&cv=11&fst=1670400945477&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wydnCJjn5dgBEMLw794D&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aamJBZHNDcVVwUGNxekgtWWk5Rlg5V19la0pHUGljMktOUmRhZWRDVEZrSExTV1RWSW5NZ19I&is_vtc=1&ocp_id=sUuQY5S4Nfy64t4P4sqb2AQ&cid=CAQSKQDq26N9CWl6C9KX86tfRiqVBdIPpotygHpMVxkh8Kqd4YQWkZHgJ54WIBM&random=3597926200&ipr=y&prhg=0&ezwbk=AZuM4hARSoY9jE6bEnQqsWAPeIRJfyJpnjdb5dHI2VQdv8aDvtDJaN92MxErXOmwZzP8joc2bzsFT7QKvS0yCyBQDBuY

Request Chain 315

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/694655858/?random=1989309736&cv=11&fst=1670400945526&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=V1NFCNXEvbQBEPK2nssC&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=sUuQY_i0ONGBz7sPk_WYqAE&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9lNHZubzV0d2tSeUJpSU9jSUdFaFExUjVVNjZzSzRJdHd2c2kwMk05Z0xWWjRyM2R1bVZhamRf HTTP 302
https://www.google.com/pagead/1p-conversion/694655858/?random=1989309736&cv=11&fst=1670400945526&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=V1NFCNXEvbQBEPK2nssC&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9lNHZubzV0d2tSeUJpSU9jSUdFaFExUjVVNjZzSzRJdHd2c2kwMk05Z0xWWjRyM2R1bVZhamRf&is_vtc=1&ocp_id=sUuQY_i0ONGBz7sPk_WYqAE&cid=CAQSKQDq26N9_NHol7vSNfjwVIuUTBkGHPm-ahDTb0EUz6F7hHJn9cH3PNrIIBM&random=1598557136 HTTP 302
https://www.google.com.au/pagead/1p-conversion/694655858/?random=1989309736&cv=11&fst=1670400945526&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=V1NFCNXEvbQBEPK2nssC&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9lNHZubzV0d2tSeUJpSU9jSUdFaFExUjVVNjZzSzRJdHd2c2kwMk05Z0xWWjRyM2R1bVZhamRf&is_vtc=1&ocp_id=sUuQY_i0ONGBz7sPk_WYqAE&cid=CAQSKQDq26N9_NHol7vSNfjwVIuUTBkGHPm-ahDTb0EUz6F7hHJn9cH3PNrIIBM&random=1598557136&ipr=y&prhg=0&ezwbk=AZuM4hDK2AdNDZP5aWGDT499Q_kzUUtydruaAv7LZP-zXHI3i-EvOeAtjx3r3JRqOjc0EtlBHYQ9v-Mrvuzk9qeJ8oAy

Request Chain 316

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930683048/?random=279419665&cv=11&fst=1670400945711&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=7SdtCKz0xcwBEKix5LsD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=sUuQY4irOo_h3LUPzOKzwAQ&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aT2ZPYXRIM2dGbW9tM2s1RHh6YkVPTHNlcFI4aWVEcHBGWGhFTVhpTWdQMTB3TFVIaTA3SUN2 HTTP 302
https://www.google.com/pagead/1p-conversion/930683048/?random=279419665&cv=11&fst=1670400945711&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=7SdtCKz0xcwBEKix5LsD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aT2ZPYXRIM2dGbW9tM2s1RHh6YkVPTHNlcFI4aWVEcHBGWGhFTVhpTWdQMTB3TFVIaTA3SUN2&is_vtc=1&ocp_id=sUuQY4irOo_h3LUPzOKzwAQ&cid=CAQSKQDq26N9M7F3zBRy07mG0qAQcT7XLL4f8jToFpHI1IzU5TDMB2c9jmr8IBM&random=1430701575 HTTP 302
https://www.google.com.au/pagead/1p-conversion/930683048/?random=279419665&cv=11&fst=1670400945711&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=7SdtCKz0xcwBEKix5LsD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aT2ZPYXRIM2dGbW9tM2s1RHh6YkVPTHNlcFI4aWVEcHBGWGhFTVhpTWdQMTB3TFVIaTA3SUN2&is_vtc=1&ocp_id=sUuQY4irOo_h3LUPzOKzwAQ&cid=CAQSKQDq26N9M7F3zBRy07mG0qAQcT7XLL4f8jToFpHI1IzU5TDMB2c9jmr8IBM&random=1430701575&ipr=y&prhg=0&ezwbk=AZuM4hAcCfN17GFMakWqI_9iJUXhpPXEls6CUgx9JmtzhJY_QX6ccY-lCW_dX-eRGRGwVH0sxxmhkX2NfrbujKaw3eK4

Request Chain 332

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984324011/?value=1.00&label=RISNCM3WuwkQq6-u1QM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/984324011/?value=1.00&label=RISNCM3WuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1628459152 HTTP 302
https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=RISNCM3WuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1628459152&ipr=y

Request Chain 333

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1965605398 HTTP 302
https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1965605398&ipr=y

337 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.couriermail.com.au/subscribe/news/1/
Redirect Chain

https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress/news-story/95b88fb3210ef44b0f6d974820d8465f
https://www.couriermail.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.couriermail.com.au%2fnews%2fqueensland%2f140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2f...
https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress/news-story/95b88fb3210ef44b0f6d974820d8465f
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.couriermail.com.au%2fnews%2fqueensland%2f140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2f...
https://www.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress/news-story/95b88fb3210ef44b0f6d974820d8465f?nk=18ea50a1dfa37a3fbdebf8ed11c...
https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.couriermail.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dCMWEB_WRE170_a%26dest%3dhttps%253A%252F%252Fwww.couriermail...
https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-...

80 KB
14 KB

916ms
916ms

Document
text/html

23.195.152.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-111.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

27fc08b9e1225d23c8bd491676099e7c1994731ef5282d1c23248ecd324be876

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 12807
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.couriermail.com.au/csp-reports
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:35 GMT
expires: Wed, 07 Dec 2022 08:15:35 GMT
host-header: a9130478a60e5f9135f765b23f26593b
is-https: true
pragma: no-cache
server: nginx
strict-transport-security: max-age=600 ; includeSubDomains
vary: User-Agent Accept-Encoding
x-akamai-transformed: 9 81522 0 pmb=mTOE,2
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-opw: 4
x-powered-by: WordPress VIP <https://wpvip.com>
x-robots-tag: noindex, nofollow
x-rq: sin1 0 2 9980
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

cache-control: max-age=852
content-length: 154
content-type: text/html
date: Wed, 07 Dec 2022 08:15:34 GMT
etag: "33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server: AkamaiNetStorage

GET
H2 200 /
dsf.newscorpaustralia.com/couriermail/_static/ 102 KB
15 KB 302ms
97ms Stylesheet
text/css 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJyNy0EOQDAQheELqUETbMRZqp3IMC3pVKS3ZyNhZ/nnvQ/OXVGwfDgUsCLgSBJMvNlVMU3RxAySMmPpKZT3oYC3WAQ8OjLI6DGkT+xsMkbFOBub//F7e/eDRj/UbVc1na56fQGHg0Gm
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b11b65e2a747634f9b7ab321e8c96708af1e91f8e7f1496a79ef0defb5c60d40

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:36 GMT
x-rq: syd1 0 2 9980
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 20:44:43 GMT
server: nginx
age: 746
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-length: 14677

GET
H2 200 /
dsf.newscorpaustralia.com/couriermail/_static/ 297 KB
40 KB 381ms
195ms Stylesheet
text/css 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a0edbc043a900a936da9ed0295bc0ae0d86be2dbf380ac08077c1bc26a8182ea

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:36 GMT
x-rq: syd1 0 2 9980
content-encoding: gzip
last-modified: Tue, 06 Dec 2022 17:04:31 GMT
server: nginx
age: 1467
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-length: 40616

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/ 731 B
938 B 854ms
285ms Script
application/x-javascript 96.16.116.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.sync.js?ver=6.0.3
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-116-178.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 33f6e799863f911da9d141b4acb5c8a5b7fb1fbfca43db5cc200121989eea7d5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:38 GMT
last-modified: Thu, 21 Jul 2022 06:10:36 GMT
server: AkamaiNetStorage
etag: "e0467b000696967a7e7e20efd97b3691:1658383836.866819"
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 731
expires: Wed, 07 Dec 2022 08:20:38 GMT

GET
H2 200 rampart.js Show response
www.couriermail.com.au/remote/identity/rampart/latest/ 277 KB
83 KB 354ms
350ms Script
application/x-javascript 23.195.152.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.couriermail.com.au/remote/identity/rampart/latest/rampart.js?ver=6.0.3

Requested by

Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-111.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security: max-age=600 ; includeSubDomains
content-encoding: gzip
date: Wed, 07 Dec 2022 08:15:37 GMT
server: AkamaiNetStorage
etag: "b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary: User-Agent, Accept-Encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.couriermail.com.au/csp-reports
content-type: application/x-javascript
cache-control: max-age=802
is-https: true
x-opw: 4
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 07 Dec 2022 08:28:59 GMT

GET
H2 200 20352597942.js Show response
cdn.optimizely.com/js/ 301 KB
90 KB 1005ms
503ms Script
text/javascript 96.16.116.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20352597942.js?ver=6.0.3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.116.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-116-196.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

aef0f013ee3b3bd75a4cf57808ec9a7f68c09eced6466679a61fe3defc46fea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.couriermail.com.au/
Origin: https://www.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: W3zXb6jV1wcigryS5rDz5QvzBj1eTABc
content-encoding: gzip
date: Wed, 07 Dec 2022 08:15:36 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: SESQWV14MR78T6HY
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 708
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="240";dur=0,cdnip;desc="96.16.116.196";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 90888
x-amz-id-2: e6kjHLTngV1raVXHgiBL+n/EvRa9JJrTPVFiYj5rpU4iYgTRTSE12KISTiLIBUqATklTd58k+a4=
last-modified: Tue, 06 Dec 2022 05:21:09 GMT
server: AmazonS3
etag: "b48c102432374f083146036e10e3f852"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=0
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 / Show response
dsf.newscorpaustralia.com/couriermail/_static/ 98 KB
34 KB 461ms
276ms Script
application/javascript 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZuYGRubGBhXEWAK9kIh0=
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:36 GMT
x-rq: syd1 0 2 9980
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 20:44:43 GMT
server: nginx
age: 229
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-length: 34312

GET
H2 200 69c69c58 Show response
www.couriermail.com.au/akam/13/ 26 KB
10 KB 2788ms
2784ms Script
application/javascript 23.195.152.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.couriermail.com.au/akam/13/69c69c58

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-111.deploy.static.akamaitechnologies.com

Software

Resource Hash

ecd074236cf26b7418d8f4af1c1c75fb61e2e203fe259da38174c3fdd68c27d0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Wed, 07 Dec 2022 08:15:40 GMT
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security: max-age=600 ; includeSubDomains
content-encoding: gzip
date: Wed, 07 Dec 2022 08:15:40 GMT
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.couriermail.com.au/csp-reports
is-https: true
x-arrrg4: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
x-opw: 4
content-length: 8819
pragma: no-cache
x-bpath: OLD
blaizehappened: true
etag: "521be836606c079ca06ac48675f6d0e00456dae4165e5f3459c9b79fb0393fc6"
vary: User-Agent, Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
x-arrrg5: /blaize/decision-engine?path=https%3a%2f%2fwww.couriermail.com.au%2fakam%2f13%2f69c69c58&blaizehost=cdn.couriermail.newscorp.blaize.io&content_id=69c69c58&session=18ea50a1dfa37a3fbdebf8ed11c91e4c
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H2 200 subscribe-with-google.svg
dsf.newscorpaustralia.com/couriermail/wp-content/plugins/dynamic-shop-front/assets/common/images/ 7 KB
3 KB 110ms
108ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/couriermail/wp-content/plugins/dynamic-shop-front/assets/common/images/subscribe-with-google.svg
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 09522073c5b65206a3115d5cd52bb393ad0915bb1c7b5d6455c14bca8e21f99f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
age: 204
etag: W/"6376236b-1ceb"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2957
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 extended-access.js Show response
subscriptions.couriermail.com.au/google-loader/ 257 KB
65 KB 1085ms
313ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/google-loader/extended-access.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

dd2682228ab18d579812740579e93821f23b84ca69ece85ce6427a143fc3d78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 30 Aug 2022 05:33:01 GMT
x-amz-cf-pop: SIN5-C1
etag: "7211fda1d44c9296994ac6e51a8fa95b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: Jl8ozWtYQShGe-SBQxozKpabMqGKW2ioeJMBreFQ8kquQ18zEoItew==
content-length: 66264

GET
H2 200 loader.js Show response
subscriptions.couriermail.com.au/loader/ 261 KB
79 KB 523ms
522ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/loader/loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

f21fd3933691b5cc8049bd0a1cb908640f5c0c7b0a723d8d924e87fe06e695f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 11 Oct 2022 02:32:58 GMT
x-amz-cf-pop: SIN2-P1
etag: "b69e1d1161c5bd5e190ee34d7c024652"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: mYaWZglG1A90GmLxs7kD9R5E0e-Fuz3FPkHIenS0iz3tuaO_2K9n1g==
content-length: 80111

GET
H2 200 / Show response
dsf.newscorpaustralia.com/couriermail/_static/ 60 KB
17 KB 100ms
96ms Script
application/javascript 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/couriermail/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/js/dsf-front.build.js,/wp-content/themes/dynamic-shopfront/js/navigation.js?m=1668686699j
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e119e9797d74ca45555e33fabec6cba1a2c70c0e0e0960d48495cda61572b08

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
x-rq: syd1 0 2 9980
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
age: 6
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-length: 16816

GET
H2 200 e-202249.js Show response
stats.wp.com/ 9 KB
3 KB 297ms
96ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202249.js
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-nc: HIT syd
date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: br
server: nginx
etag: W/"61adb0c2-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 18:15:08 GMT

GET
H2 200 we-are-for-you.svg
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 4 KB
2 KB 102ms
101ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/we-are-for-you.svg
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 86e8ed098febe4691b72980ac9bb22f6370cd6fb7fd50f2fc3ca41f5a24c6ed7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
age: 192
etag: W/"6376236b-1177"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1934
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 logo.svg
dsf.newscorpaustralia.com/couriermail/wp-content/plugins/dynamic-shop-front/assets/mastheads/identity/images/couriermail/ 5 KB
2 KB 103ms
102ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/couriermail/wp-content/plugins/dynamic-shop-front/assets/mastheads/identity/images/couriermail/logo.svg
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d65e197f2a3fe68e8cec576d677ae42875725bbf2da432b93961f682f453b32e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
age: 212
etag: W/"6376236b-150c"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2168
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 a20352597942.html Show response
a20352597942.cdn.optimizely.com/client_storage/ Frame 346B 2 KB
1 KB 770ms
255ms Document
text/html 23.9.177.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js?ver=6.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.177.173 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-177-173.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

4401249648b5ad7b6664cdd30e58a3ec7de4ebca81b79fa9069339423d743ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 876
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 08:15:38 GMT
etag: "5e842dba80e9af159f2c186e291f12b2"
last-modified: Tue, 06 Dec 2022 05:21:06 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="241";dur=0,cdnip;desc="23.9.177.173";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: IqahcmAfbFIbxjPsgShdzUglFB/XQ+4gSHbcNU32dS8oFFbSE8Fw0sOa4OMv+9bkF1uiOPbsmx0=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: J9456A1DJG7G2GS6
x-amz-server-side-encryption: AES256
x-amz-version-id: fD80VreDyeLXJWicfu1ntFD9XUyLM2Gr

GET
H2 200 SourceSansPro-SemiBold.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 82 KB
82 KB 473ms
270ms Font
application/font-woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-SemiBold.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590

Request headers

Referer: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Origin: https://www.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
age: 48
x-cache: hit
content-length: 83897
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
etag: W/"6376236b-14808"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 SourceSansPro-Regular.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 83 KB
83 KB 473ms
271ms Font
application/font-woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Regular.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9

Request headers

Referer: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Origin: https://www.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
age: 47
x-cache: hit
content-length: 84664
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
etag: W/"6376236b-14aec"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 charter_bold-webfont.woff
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 28 KB
28 KB 473ms
272ms Font
application/font-woff 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/charter_bold-webfont.woff
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8640916aba1207e4fcff9c894252543689989434cd9fc0dabd4cee60b3e763a5

Request headers

Referer: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Origin: https://www.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
age: 94
x-cache: hit
content-length: 28403
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
etag: W/"6376236b-6f0c"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 charter_italic-webfont.woff
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 29 KB
29 KB 299ms
99ms Font
application/font-woff 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/charter_italic-webfont.woff
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fc8a6e495e7cd447608aea7e0cd59b0e79bd4e74822d428c53880ac0db6c469

Request headers

Referer: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Origin: https://www.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
age: 25
x-cache: hit
content-length: 29377
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
etag: W/"6376236b-72d4"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 SourceSansPro-Italic.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 35 KB
35 KB 435ms
235ms Font
application/font-woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Italic.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c33c60d014227b42c513820e6d750cced736cda305beb7d6a20e35afe502648c

Request headers

Referer: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Origin: https://www.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
age: 22
x-cache: hit
content-length: 35529
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
etag: W/"6376236b-8aa8"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 avatar.svg
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 264 B
317 B 102ms
97ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/avatar.svg
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e30565d344697a80f05882c11755c6d6a71626791bbc124df343b5edc7901312

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
age: 177
etag: "6376236b-108"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 264
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 29f483a755255af51736265bbed74784
content.api.news/v3/images/bin/ 38 KB
38 KB 772ms
726ms Image
image/webp 23.195.152.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/29f483a755255af51736265bbed74784?width=320
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-111.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9be9d9a49f8d212171a6c56b9ce00616cf66698f3e370a1ecfc3e711b8f9ddc0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:38 GMT
x-check-cacheable: YES
edge-cache-tag: 29f483a755255af51736265bbed74784
content-length: 38614
last-modified: Tue, 22 Nov 2022 04:11:59 GMT
server: Akamai Image Manager
x-serial: 996
etag: 6864eb319a05ec43bc5306be2c478471-29f483a755255af51736265bbed74784-320
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=3873228
x-o: CF
access-control-allow-headers: x-newsapi-api-key
expires: Sat, 21 Jan 2023 04:09:26 GMT

GET
H2 200 Masthead-Digital.png
dsf.newscorpaustralia.com/couriermail/wp-content/uploads/sites/70/2021/05/ 1 KB
1 KB 99ms
96ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/couriermail/wp-content/uploads/sites/70/2021/05/Masthead-Digital.png?w=251
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
x-rq: syd1 113 214 443
last-modified: Wed, 20 Jul 2022 16:27:13 GMT
server: nginx
etag: "fe15dfed4893e416"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1038
expires: Thu, 20 Jul 2023 16:27:13 GMT

GET
H2 200 icon-premium.png
dsf.newscorpaustralia.com/central/wp-content/uploads/sites/8/2021/05/ 286 B
350 B 157ms
156ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/central/wp-content/uploads/sites/8/2021/05/icon-premium.png?w=22
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2de22d2cce6ccf2563f2b8f8ebf6840fcb0915a8fbe0d3e88a4321b8d0b6b8ea

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
x-rq: syd1 113 117 443
last-modified: Wed, 20 Jul 2022 16:27:13 GMT
server: nginx
etag: "6f640ad3fb0d149b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 286
expires: Thu, 20 Jul 2023 16:27:13 GMT

GET
H2 200 Masthead-Digital.png
dsf.newscorpaustralia.com/couriermail/wp-content/uploads/sites/70/2021/05/ 1 KB
1 KB 157ms
156ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/couriermail/wp-content/uploads/sites/70/2021/05/Masthead-Digital.png
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
x-rq: syd1 113 214 443
last-modified: Wed, 20 Jul 2022 16:27:13 GMT
server: nginx
etag: "fe15dfed4893e416"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1038
expires: Thu, 20 Jul 2023 16:27:13 GMT

GET
H2 200 icon-faq-plus.png
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 466 B
550 B 156ms
155ms Image
image/png 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/icon-faq-plus.png
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
x-rq: syd1 0 2 9980
last-modified: Thu, 01 Sep 2022 11:41:13 GMT
server: nginx
age: 7313230
etag: "63109a59-1d2"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 466
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 charter_regular-webfont.woff
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 27 KB
27 KB 449ms
272ms Font
application/font-woff 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/charter_regular-webfont.woff
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ece70e751af05572df7513e5e904bcd69f32e7616718fec9e945a2e2924b8a26

Request headers

Referer: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Origin: https://www.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
age: 16
x-cache: hit
content-length: 27879
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:59 GMT
server: nginx
etag: W/"6376236b-6d00"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 SourceSansPro-Bold.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 82 KB
82 KB 447ms
271ms Font
application/font-woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Bold.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab

Request headers

Referer: https://dsf.newscorpaustralia.com/couriermail/_static/??-eJxljkkOwjAMRS+Ea8LQrhBnSVPThGZS7Qrl9oQIJBDL7/cH4yODSVEoCma/zS4yTiXq4AywTRlua6WomUkqcSxomHH0ySxVa+eLkKd51dli83aV7/CrViwF+m1tRjDW+QlZiqe/UNjg886dJGuzgFLduY2/D6/MNVxUP+yPp/4wqCc5rks+
Origin: https://www.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
content-encoding: gzip
age: 22
x-cache: hit
content-length: 83373
x-rq: syd1 0 2 9980
last-modified: Thu, 17 Nov 2022 12:04:58 GMT
server: nginx
etag: W/"6376236a-1460c"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 Masthead-Weekend-Bundle.png
dsf.newscorpaustralia.com/couriermail/wp-content/uploads/sites/70/2021/05/ 3 KB
3 KB 146ms
144ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/couriermail/wp-content/uploads/sites/70/2021/05/Masthead-Weekend-Bundle.png
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d2f2d74ade134115fcab943b8938a964cd758ee983d936fb12f6a8c95fdbfa5c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
x-rq: syd1 118 20 443
last-modified: Wed, 20 Jul 2022 16:27:13 GMT
server: nginx
etag: "bac83fd2f6a0b484"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3276
expires: Thu, 20 Jul 2023 16:27:13 GMT

GET
H2 200 icon-phone.png
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 337 B
390 B 146ms
146ms Image
image/png 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/icon-phone.png
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e1a4f2c605f26bcf80a2cd8e5d48e887c2062a53cd1d993cb05250223e386a6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:37 GMT
x-rq: syd1 0 2 9980
last-modified: Thu, 01 Sep 2022 11:41:13 GMT
server: nginx
age: 7313216
etag: "63109a59-151"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 337
expires: Thu, 07 Dec 2023 08:15:37 GMT

GET
H2 200 SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ 2 KB
2 KB 601ms
193ms Stylesheet
text/css 13.35.8.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-34.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: BU9pslV_1tk2oM9KNiljnrkOp3wYAVog
date: Wed, 07 Dec 2022 00:05:15 GMT
via: 1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 29424
etag: "2a13a755f725cea2c202bc30af451d10"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2173
x-amz-cf-id: qD2hmrBSBL_C47AapR8BZh_gykZUJ70OFbF2qRmJVSLvQzxRmMKLHg==

GET
H2 200 Charter.css
subscriptions.news.com.au/media/fonts/Charter/ 2 KB
2 KB 605ms
198ms Stylesheet
text/css 13.35.8.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-34.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 78tZPx9F6ldnoT3vI7OxzT3AZa.JXQqe
date: Tue, 06 Dec 2022 13:35:27 GMT
via: 1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:10 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 69999
etag: "9d796e9621f8bd2ea24552819973cb20"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1635
x-amz-cf-id: j6uEPY4RbDTZAh6a8qHPmIi0oVA6N5i-wGRY57cvN3sGi-tOqeWwPg==

GET
H2 200 adobe_visitor.js Show response
tags.news.com.au/prod/visitor/ 60 KB
20 KB 252ms
252ms Script
application/x-javascript 23.195.152.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.sync.js?ver=6.0.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:38 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "762b36524699d0c801c527b6e71f35e4:1593471758.804374"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=10265
content-length: 19871

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
367 B 1187ms
295ms XHR
text/plain 34.196.212.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js?ver=6.0.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.212.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-212-12.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 07 Dec 2022 08:15:39 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.couriermail.com.au
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: ebcca2c9-8876-41d0-8f3a-4e1bc0aad8d7

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 1092ms
274ms XHR
application/json 54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1670400938612

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

b1293ca153110b3ab55ddd026148bfee4a241567ea9941ad1019faac070a46e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-2-v041-00d91fd0b.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 9WBcUAk6T/U=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.couriermail.com.au
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1561
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame B635 7 KB
3 KB 1061ms
264ms Document
text/html 52.35.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.21.164 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-21-164.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-1-v041-0ce788a3f.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: t2UhmpBkTnI=
content-encoding: gzip
date: Wed, 7 Dec 2022 08:15:40 GMT
last-modified: Fri, 28 Oct 2022 11:03:09 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
newscorpau.sc.omtrdc.net/ 2 B
272 B 839ms
278ms XHR
application/x-javascript 63.140.36.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.sc.omtrdc.net/id?d_visid_ver=4.5.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=82676526178865686321563129374040596974&ts=1670400939712

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-139.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 08:15:40 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.couriermail.com.au
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y5BLrAAAAI2JDAMg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=82652565260608639061565516155715088628
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5BLrAAAAI2JDAMg

42 B
942 B

275ms
275ms

Image
image/gif

54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5BLrAAAAI2JDAMg

Requested by

Protocol

HTTP/1.1

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-0e437cb12.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nkCgDgjmSWQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5BLrAAAAI2JDAMg
Date: Wed, 07 Dec 2022 08:15:40 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 97ms
96ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=194448599&post=5&tz=11&srv=dsf.newscorpaustralia.com&hp=vip&j=1%3A11.5.1&host=www.couriermail.com.au&ref=&fcp=6572&rand=0.645202940660655
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Dec 2022 08:15:40 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame BFCD 2 KB
3 KB 513ms
506ms Document
text/html 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=0v9i7KoW6MBLSfe036YSQT79zA8Zaz4Y&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.couriermail.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=z~v4oCyz73n3EECgk4ptXIz.G_RPBq0h&nonce=zqMacf1Lw7YdLZsMXVhCkSZvMmwrNSkC&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D

Requested by

Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/remote/identity/rampart/latest/rampart.js?ver=6.0.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

cace896d3f9fb0b99e3b528d35ac15705f61d3206b40b1da8553ff7446ad1e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 775bd095cd658d22-KIX
content-encoding: gzip
content-length: 812
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type: text/html;charset=UTF-8
date: Wed, 07 Dec 2022 08:15:40 GMT
expires: Wed, 07 Dec 2022 08:15:40 GMT
ot-baggage-auth0-request-id: 775bd095cd658d22
ot-tracer-sampled: true
ot-tracer-spanid: 23ab738304394cc7
ot-tracer-traceid: 59d634894531d220
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-000000000000000059d634894531d220-23ab738304394cc7-01
tracestate: auth0-request-id=775bd095cd658d22,auth0=true
vary: Accept-Encoding
x-akamai-transformed: 9 543 0 pmb=mTOE,3
x-auth0-requestid: c2ff5f4eba54211bf00c
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1670400941

POST
H2 200 pixel_69c69c58 Show response
www.couriermail.com.au/akam/13/ 0
2 KB 1238ms
1238ms XHR
text/html 23.195.152.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.couriermail.com.au/akam/13/pixel_69c69c58

Requested by

Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/akam/13/69c69c58

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-111.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security: max-age=600 ; includeSubDomains
x-bpath: OLD
date: Wed, 07 Dec 2022 08:15:41 GMT
blaizehappened: true
vary: User-Agent
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.couriermail.com.au/csp-reports
content-type: text/html
is-https: true
x-arrrg5: /blaize/decision-engine?path=https%3a%2f%2fwww.couriermail.com.au%2fakam%2f13%2fpixel_69c69c58&blaizehost=cdn.couriermail.newscorp.blaize.io&content_id=pixel_69c69c58&session=18ea50a1dfa37a3fbdebf8ed11c91e4c
x-arrrg4: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
x-opw: 4
content-length: 0
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=4966116814420207217
dpm.demdex.net/ Frame B635
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4966116814420207217

42 B
942 B

263ms
263ms

Image
image/gif

54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=4966116814420207217

Protocol

HTTP/1.1

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v041-0f71e86b6.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: TjX7loUbTb0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 08:15:41 GMT
AN-X-Request-Uuid: 4388460d-c545-47a4-8813-9680682d1246
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=4966116814420207217
Connection: keep-alive
X-Proxy-Origin: 173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 403 csp-reports
login.newscorpaustralia.com/ 0
0 976ms
248ms Other
text/html 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/csp-reports
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-196-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

GET 6e39d6b0
login.newscorpaustralia.com/akam/13/ Frame BFCD 0
0

GET nPGwB
login.newscorpaustralia.com/kKr8esI_hQzVe46otMZ5JnJSaqc/EQicpb6DS7/NG4dCQE/TH1sEnJ/ Frame BFCD 0
0

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/ 53 KB
14 KB 281ms
281ms Script
application/x-javascript 96.16.116.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Requested by: Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/loader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-116-178.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 79b756468c447c159f7f8f05d4cf577e0ed8fffc556d90d50a79e084abc60ad6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:40 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 06:10:37 GMT
server: AkamaiNetStorage
etag: "553ace5180606aa33e06469996cd2f48:1658383837.243336"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 14456
expires: Wed, 07 Dec 2022 08:20:40 GMT

GET
H2 200 index.html Show response
subscriptions.couriermail.com.au/caas/ Frame 4FCD 753 B
1 KB 318ms
317ms Document
text/html 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/loader/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

5457f3c7135ada1ae4deea3d8022d3b59d7d9b45ad0e2c9a1acd5ac5431cf172

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store
content-length: 753
content-type: text/html
date: Wed, 07 Dec 2022 08:15:40 GMT
etag: "1e7d4d7faf5470fc071a81aec9fc555d"
expires: Wed, 07 Dec 2022 08:15:40 GMT
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
pragma: no-cache
strict-transport-security: max-age=600
x-amz-cf-id: lsK3OXA84qYwTdvfPKE8pFa2OAFk1CQBzk87VzhuUTYnuOL0jObHBA==
x-amz-cf-pop: SIN52-C2

GET
H2 200 / Show response
js.stripe.com/v3/ 400 KB
98 KB 631ms
221ms Script
text/javascript 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/loader/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6140f2a711f54f2a8386ee82853b7fd67f5b27c0b22e3fdf8c517bcec5215694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 08:15:10 GMT
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 35
x-cache: Hit from cloudfront
last-modified: Tue, 06 Dec 2022 23:59:38 GMT
server: Cloudfront
etag: W/"6f1136ac40a4c56f0657efc56e2e201e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: LgWlZ4Yp4xKTt5VhU-CxElvIG-H7JZ_gvKqJZM2628jCH1-ptG7oqA==

GET
H2 200 extended-access.js Show response
subscriptions.couriermail.com.au/google-loader/ 257 KB
65 KB 336ms
336ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/google-loader/extended-access.js

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/loader/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

dd2682228ab18d579812740579e93821f23b84ca69ece85ce6427a143fc3d78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 30 Aug 2022 05:33:01 GMT
x-amz-cf-pop: SIN5-C1
etag: "7211fda1d44c9296994ac6e51a8fa95b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: Jl8ozWtYQShGe-SBQxozKpabMqGKW2ioeJMBreFQ8kquQ18zEoItew==
content-length: 66264

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=9118216207156592077
dpm.demdex.net/ Frame B635
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=9118216207156592077

42 B
942 B

265ms
264ms

Image
image/gif

54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=9118216207156592077

Protocol

HTTP/1.1

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-0a5035977.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ERaGElG5RHw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=9118216207156592077
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame B635 0
718 B 771ms
194ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=82652565260608639061565516155715088628&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEEL110UUr95FkYoiA0r0N94&google_cver=1
dpm.demdex.net/ Frame B635
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODI2NTI1NjUyNjA2MDg2MzkwNjE1NjU1MTYxNTU3MTUwODg2Mjg=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODI2NTI1NjUyNjA2MDg2MzkwNjE1NjU1MTYxNTU3MTUwODg2Mjg=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEL110UUr95FkYoiA0r0N94&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

409ms
263ms

Image
image/gif

54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEL110UUr95FkYoiA0r0N94&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-0a5c37adc.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qavQltdlTfk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEL110UUr95FkYoiA0r0N94&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 262ms
261ms Script
application/x-javascript 23.195.152.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16704009411170.8907651762648112
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
content-encoding: gzip
date: Wed, 07 Dec 2022 08:15:41 GMT
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
content-length: 833
expires: Wed, 07 Dec 2022 08:15:41 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 246ms
246ms Script
application/x-javascript 23.195.152.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 07 Dec 2022 08:15:41 GMT
cache-control: max-age=52442
server: AkamaiNetStorage
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 187 KB
63 KB 335ms
335ms Script
application/x-javascript 23.195.152.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "789aa25e8122305509df6e8b6103f3c6:1666763008.613847"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=15555

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 109 KB
33 KB 314ms
312ms Script
application/x-javascript 23.195.152.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ba0e564570f1e6ad7b0582355fd1f8ec40e33ea1ce2a8ffacb304507f9d28b71

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "a0eb5e4f501b21dc91eec913b8f83034:1670288233.007848"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=51600
content-length: 33841

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 575ms
193ms Script
text/javascript 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

sffe /

Resource Hash

ccae0bf80f1f1b23720404f11760bc4ac99c1c7b8f2ee97fbbd3de1d763504cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27563
x-xss-protection: 0
server: sffe
etag: "1414 / 915 of 1000 / last-modified: 1670367953"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 07 Dec 2022 08:15:41 GMT

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 25 KB
10 KB 276ms
274ms Script
application/x-javascript 23.195.152.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=9751
content-length: 9840

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 589ms
195ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Dec 2022 08:15:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QvNEDpDEK2EokrlQDE9o7elzWiNTmvdJG0O4rQMWJE8BSOzCGR8cRVBixobeTqKtSsoIsGujjola7gTz7RqRsA==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 703ms
222ms Script
text/javascript 18.155.68.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-45.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 07:55:21 GMT
Content-Encoding: gzip
Via: 1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
Last-Modified: Mon, 21 Mar 2022 03:18:38 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN52-P1
Age: 1220
ETag: W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=3600
Connection: keep-alive
X-Amz-Cf-Id: G451KgHI0juZGeVMQM9jWeKFthrV2lk_-VHwGpmu_Mv5EPUepLCJ6Q==

GET
H2 200 nca_ipsos.js Show response
tags.news.com.au/prod/ipsos/ 25 KB
6 KB 264ms
262ms Script
application/x-javascript 23.195.152.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "2b9045a036305d0268317898151e53de:1667439593.577923"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=68374
content-length: 5801

GET
H2 200 utag.1061.js Show response
tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/ 2 KB
1 KB 273ms
272ms Script
application/x-javascript 96.16.116.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.1061.js?utv=ut4.46.201911200453
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-116-178.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91dd04ab55aed67616994390bc12b6dbcd57c623e80361eaaff62b8c8a13c7a4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
last-modified: Wed, 20 Nov 2019 04:53:24 GMT
server: AkamaiNetStorage
etag: "f0f828b8d0ed1ac28d069d5e771074ec:1574225604.462744"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 905
expires: Thu, 22 Dec 2022 08:15:41 GMT

GET
H2 200 utag.1070.js Show response
tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/ 3 KB
2 KB 276ms
275ms Script
application/x-javascript 96.16.116.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.1070.js?utv=ut4.46.201911250002
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-116-178.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8a53c31f97af961a4f76c93984b30a72682b91c036c631bf7251906cd13d599b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 00:02:09 GMT
server: AkamaiNetStorage
etag: "33ce4c297815571e5b8016f3513371ab:1574640129.165016"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1334
expires: Thu, 22 Dec 2022 08:15:41 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ Frame 4FCD 21 KB
7 KB 574ms
189ms Stylesheet
text/css 142.251.10.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f100.1e100.net

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 08:23:20 GMT

GET
H2 200 runtime~main.js Show response
subscriptions.couriermail.com.au/caas/1.10.6/ Frame 4FCD 4 KB
2 KB 244ms
244ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/runtime~main.js?0518da4528600a3980ec

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

0e3286d769f8d725affdf8a7098415edc89f19a599c08d5922af8046cd2f2fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "ac53ffb948984ba787b7280a2286f309"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=32
accept-ranges: bytes
x-amz-cf-id: pJ4yUghSQE1dMXvEw3kTEAPIn_tVx4IcsFmiQ4nlUdALOommZ2lwQA==
content-length: 1883

GET
H2 200 33.js Show response
subscriptions.couriermail.com.au/caas/1.10.6/ Frame 4FCD 220 KB
71 KB 261ms
259ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/33.js?0518da4528600a3980ec

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

2b18e69e2b26bba597286ca0bff7398a9fcb561b84692e2a972994d597cd03d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "732cb39b24b559496fcb824924968daf"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=42
accept-ranges: bytes
x-amz-cf-id: KPDd5CHD5qxIFGXtqcMO8E7JCA6LUhLnfgcSRE1wbzmpMJCamazbyQ==
content-length: 72477

GET
H2 200 399.js Show response
subscriptions.couriermail.com.au/caas/1.10.6/ Frame 4FCD 205 KB
40 KB 334ms
333ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/399.js?0518da4528600a3980ec

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

40b0f6eae3e284a8a61b7b34889797a08022d118749cb3b50a8cf3e3cc6aedd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "e15f4bee07e96f5ef4ab5b0fe7b28359"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=15
accept-ranges: bytes
x-amz-cf-id: CGsyBdoIVx91bhi51OKTgJaLP53ruyS3LyR0HvYNCjkgxBHMRhMgVQ==
content-length: 40932

GET
H2 200 main.js Show response
subscriptions.couriermail.com.au/caas/1.10.6/ Frame 4FCD 12 KB
5 KB 334ms
333ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/main.js?0518da4528600a3980ec

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

c408fd10a5a7894d20a0e4968eb8b559f4ecc3d867303d258d57aa7dd559ebba

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "3b91ca7a5e89e32c6c41cc088d76ec54"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=24
accept-ranges: bytes
x-amz-cf-id: RmIPAhy_8tF1q7XZ7A_s1AcG49Pj1Ztmo3kpqCRAFxspX8MWmu1ipw==
content-length: 4636

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=d422f9a6-0459-4038-bc7f-595003711543
dpm.demdex.net/ Frame B635
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.couriermail.com.au&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.couriermail.com.au&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d422f9a6-0459-4038-bc7f-595003711543

42 B
942 B

274ms
273ms

Image
image/gif

54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=d422f9a6-0459-4038-bc7f-595003711543

Protocol

HTTP/1.1

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-0ac3bbcea.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bSKXyExSRlc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=d422f9a6-0459-4038-bc7f-595003711543
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 149 KB
46 KB 501ms
204ms Script
text/javascript 142.251.10.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/google-loader/extended-access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f100.1e100.net

Software

sffe /

Resource Hash

32cb22ea1f577c791feee8c622ce1746e2c72d0a8d1302171c957c6cf9177683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46940
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 20:37:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 09:03:29 GMT

GET
H2 500 usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame B635 0
0 835ms
280ms Image
text/html 23.72.44.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-44-196.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=Y5BLrVtVqcHEgDzdQdjl-QAA%264684
dpm.demdex.net/ Frame B635
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5BLrVtVqcHEgDzdQdjl-QAA%264684

42 B
942 B

273ms
273ms

Image
image/gif

54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5BLrVtVqcHEgDzdQdjl-QAA%264684

Protocol

HTTP/1.1

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-0ad808d7b.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kaWCB1grSF8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rchgevvKQFR5gCzbvjfGItqGwywpd7pFSganfKUSweVFelbkrOimEtbmhsP%2FIDjpezXjjdEgJ46AHGH5xH%2FAkbBtmgjWsN95b3xEGHyTLEiHm7DAAggdZXJs5dfyE%2BAKLx1MsLCo"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5BLrVtVqcHEgDzdQdjl-QAA%264684
cache-control: no-cache
cf-ray: 775bd09f3e5355ab-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 door.js Show response
au-script.dotmetrics.net/ 10 KB
4 KB 800ms
292ms Script
application/javascript 54.192.150.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/door.js?id=13065
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-4.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: c03baf8e87a71b974c535cf833b69a681a18f1601b49d9500b0a7085ccec4dfb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
content-encoding: br
via: 1.1 d103b7ce7f019a66fa1afbceb8b1f1c0.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "13065...218.2022120708"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: application/javascript
cache-control: private
x-amz-cf-id: DVQf8IH0ARLwmfpnL5E712B4pVqXa8DQkZFNoA9XWYlGpGRRISxHPA==

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 72 KB
22 KB 838ms
273ms Script
application/javascript 184.28.235.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.235.216 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-235-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
content-encoding: gzip
last-modified: Sun, 04 Dec 2022 12:49:58 GMT
server: AmazonS3
x-amz-request-id: VBSGRMDGRMTATJDJ
x-amz-cf-pop: ATL58-P1
etag: "35540205d0226005e7cee3000c54ae8f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: EUbtxkrcE1cKQzu7ZKs1tD2beamQSVDnt1xDcYZja63v86LbG_BGNw==
x-amz-id-2: l/gSRa5XquhGfXrcUKta7HP7iDuMtOTx8XKIN+IsOqP1UxdcsJYoJpFXlDIZt2GxhLkxqy5DkAo=
content-length: 21840

GET
H2 200 scevent.min.js Show response
sc-static.net/ 27 KB
12 KB 623ms
214ms Script
application/javascript 13.35.14.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-14-254.sin5.r.cloudfront.net
Software: CloudFront /
Resource Hash: 842c040a3cc90e5c4f5bd7f571b9e725ab64c9b42595e57cddd56fd5d6cbbaec

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
via: 1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN5-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 11972
x-amz-cf-id: R7ALZAfSSA-gyLjnWHMDfQZ-tfzDKj8lR351JihbP4-QLy9jbQYSbg==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 270ms
269ms Script
application/x-javascript 96.16.116.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/tcm.sops/202207210610&cb=1670400941408
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/tcm.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.116.178 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-116-178.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:41 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 07 Dec 2022 08:25:41 GMT

GET
H2 200 P2BB92677-1922-4DBE-B13B-691D7AB311D0.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 601ms
196ms Script
application/javascript 13.35.8.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P2BB92677-1922-4DBE-B13B-691D7AB311D0.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-99.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7a9449b47b4e267c9d57f9505f35404d77683e92a9e2afb43c77ff6eceb046c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:04:08 GMT
x-amz-version-id: q1uUqFWbv2zflxMW_LJLlH9DY90FY89C
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 07:15:51 GMT
server: AmazonS3
via: 1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
etag: W/"af8c0bd42fba36943c13ae46411db163"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,s-maxage=86400
age: 693
x-amz-cf-id: 4lFdSwAvWkxCLwgvHLprJy0rz_EDt2r1qZa5iGxN20V7JhvXdOL7aw==

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-e9832293cd4071b1e92d46e6ecaaebd4
dpm.demdex.net/ Frame B635
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=82652565260608639061565516155715088628&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-e9832293cd4071b1e92d46e6ecaaebd4

42 B
942 B

264ms
264ms

Image
image/gif

54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-e9832293cd4071b1e92d46e6ecaaebd4

Protocol

HTTP/1.1

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-0439ffaf9.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QlabLVxYSiY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-e9832293cd4071b1e92d46e6ecaaebd4
Date: Wed, 07 Dec 2022 08:15:42 GMT
useSecure: true
Server: openresty/1.19.9.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame B635
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=82652565260608639061565516155715088628&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=82652565260608639061565516155715088628&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

263ms
262ms

Image
image/gif

54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-0e2f229f4.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zG5QQwyURwM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 303,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Wed, 07 Dec 2022 08:15:42 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame B635
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=82652565260608639061565516155715088628
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=82652565260608639061565516155715088628

0
338 B

844ms
272ms

Image
text/plain

52.26.190.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=82652565260608639061565516155715088628
Protocol: H2
Server: 52.26.190.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-190-74.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-served-by: beacon-n010-pdx-prod.krxd.net
date: Wed, 07 Dec 2022 08:15:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1670400943
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=82652565260608639061565516155715088628
date: Wed, 07 Dec 2022 08:15:42 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H2 200 SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FCD 2 KB
2 KB 193ms
193ms Stylesheet
text/css 13.35.8.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-34.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: BU9pslV_1tk2oM9KNiljnrkOp3wYAVog
date: Wed, 07 Dec 2022 00:05:15 GMT
via: 1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 29427
etag: "2a13a755f725cea2c202bc30af451d10"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2173
x-amz-cf-id: xWi9pylPSETJHBGi72LQxHWTvaX4SuO5iKaImuF38k7hgJwQNjhI_g==

GET
H2 200 Charter.css
subscriptions.news.com.au/media/fonts/Charter/ Frame 4FCD 2 KB
2 KB 200ms
200ms Stylesheet
text/css 13.35.8.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-34.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 78tZPx9F6ldnoT3vI7OxzT3AZa.JXQqe
date: Tue, 06 Dec 2022 13:35:27 GMT
via: 1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:10 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 70002
etag: "9d796e9621f8bd2ea24552819973cb20"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1635
x-amz-cf-id: Dls4ekHXLm6haiUE3zeUc5YWFRlrGpvRo6vw3djVvgKFL8McV0snGg==

GET
H2 200 env.json Show response
subscriptions.couriermail.com.au/caas/1.10.6/config/ Frame 4FCD 1 KB
1 KB 280ms
279ms XHR
application/json 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/config/env.json

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/33.js?0518da4528600a3980ec

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ac972a09f7caaa1a2405c1ff7939e29b552d5f4f72c32886f32ce7df302344d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Accept: application/json, text/plain, */*
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:41 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "8429c17b53e4b8346af9123c7d21ce16"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: Jc3GjVSbDBMOZu7TsETV7e-UJDNXdeXf91nRZv79ZsyeHzhnOj3gYA==
content-length: 765
expires: Wed, 07 Dec 2022 08:15:41 GMT

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame B635
Redirect Chain

https://tags.bluekai.com/site/43981?id=82652565260608639061565516155715088628&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

42 B
960 B

273ms
272ms

Image
image/gif

54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Protocol

HTTP/1.1

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-039f2e248.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: znhtmgJwSgE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 303,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date: Wed, 07 Dec 2022 08:15:42 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 319ms
274ms XHR
application/json 54.186.170.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=82676526178865686321563129374040596974&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=newsnkidcookie%0118ea50a1dfa37a3fbdebf8ed11c91e4c%011&ts=1670400941817

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.170.143 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-170-143.us-west-2.compute.amazonaws.com

Software

Resource Hash

083b006f677b7f52e3395848f70d474b791ca7654dd6ce94b4598445ccb1d94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-1-v041-0520f31c7.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: VONuHN5BScc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.couriermail.com.au
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1562
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
www.google.com.au/pagead/1p-user-list/984324011/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=3577250282
https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=3577250282&ipr=y

42 B
548 B

585ms
200ms

Image
image/gif

172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=3577250282&ipr=y

Protocol

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=3577250282&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame D040 200 B
1 KB 199ms
196ms Document
text/html 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3178
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 07:22:44 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 06 Dec 2022 23:37:16 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-id: tBV_qK0T5UqqT-Lxa5u3l6aACpts4O6ckdxGsknQAPbhNcTy-4DZvw==
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-78fb6846519810d50422a59ab436e803.html Show response
js.stripe.com/v3/ Frame 2A4D 325 B
1 KB 196ms
196ms Document
text/html 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

503932efe9407801a99edbaa5feb8096d083802d241afd9527fded3a8e469a7f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 08:15:39 GMT
etag: "78fb6846519810d50422a59ab436e803"
last-modified: Tue, 06 Dec 2022 23:37:05 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-id: DvvphHAfhhHpGzfrDYmYy5EPd2IDn_ofzsa_BPrlm4rQqFs1_C-gJw==
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-38dc4e74a2fa5e49501493e539cbe040.html Show response
js.stripe.com/v3/ Frame 1451 408 B
1 KB 204ms
196ms Document
text/html 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-38dc4e74a2fa5e49501493e539cbe040.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

62ba64a8589ec9a896c9b2d56362c9e74a0fe4dc5631cb5537e9f41fc8700f6b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2130
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 07:40:14 GMT
etag: "38dc4e74a2fa5e49501493e539cbe040"
last-modified: Tue, 06 Dec 2022 23:37:16 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-id: eMBN9zwUTKCNasDDeugqxFuXWPu12-sgfQwkOXvFphuMtNtZDX0ltg==
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-04d1534596bfa6fd80b5913e4938ec02.html Show response
js.stripe.com/v3/ Frame C4BD 344 B
1 KB 211ms
206ms Document
text/html 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-04d1534596bfa6fd80b5913e4938ec02.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fa896f1c76d78f7035f40a0edd707a70a6219b497ae50fe54f0ef1448b2afb22

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 08:15:42 GMT
etag: "04d1534596bfa6fd80b5913e4938ec02"
last-modified: Tue, 06 Dec 2022 23:37:16 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-id: nZP6WaqzcBjUzxbb3Er8s_rlGtt2rAtW-clSVRRE6eXa3qcLfFnn5w==
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B635
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVCTHJBQUFBSTJKREFNZw==

170 B
188 B

196ms
195ms

Image
image/png

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVCTHJBQUFBSTJKREFNZw==

Protocol

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-syd10179-SYD
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1670400942.163017,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVCTHJBQUFBSTJKREFNZw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 pubads_impl_2022120101.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 191ms
190ms Script
text/javascript 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

sffe /

Resource Hash

c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133241
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 09:36:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Dec 2023 12:02:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 126 B
105 B 573ms
192ms XHR
application/json 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.couriermail.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

cafe /

Resource Hash

6672b4fd2eaa1626ead3f7d082ef77ce9c4645544c395261343dbe57e319c2a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Wed, 07 Dec 2022 08:15:42 GMT

GET
H2 200 683769168692807 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 196ms
195ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/683769168692807?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

bf3a5997c85f4facbaa67f6ea36cd6bb516588fccba7037345efb84258c46c1d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 07 Dec 2022 08:15:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86430
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 3AIDD3g+nt1/y37Wd5pTS41cX9FP9ZAAGOIUO2SwZ7h7LJEe47e0yBOeTMhvks01M+81UfMkTNgD0Y1WTCBWJg==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B635
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5BLrAAAAI2JDAMg&expires=90

42 B
797 B

821ms
194ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5BLrAAAAI2JDAMg&expires=90
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-syd10179-SYD
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1670400942.163133,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5BLrAAAAI2JDAMg&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 65 B
353 B 1079ms
279ms XHR
text/plain 23.195.152.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-191.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
server: AkamaiNetStorage
etag: "519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary: Origin, Origin, Origin
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: text/plain
access-control-allow-origin: https://www.couriermail.com.au
cache-control: max-age=1214
content-length: 65

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 490ms
189ms Stylesheet
text/css 142.251.10.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f100.1e100.net

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 08:23:20 GMT

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 494ms
193ms Other
image/svg+xml 142.251.10.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f100.1e100.net

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 08:53:27 GMT

GET
H3

200

serviceiframe Show response
news.google.com/swg/ui/v1/ Frame 88C1
Redirect Chain

https://news.google.com/swg/_/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au
https://news.google.com/swg/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au

25 KB
8 KB

210ms
209ms

Document
text/html

142.251.10.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f100.1e100.net

Software

ESF /

Resource Hash

525eaa1c6d01f46234e88c1a4c0d2a09eda5456ece5742f29000ade04c032da8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4QHWPunQ02FrDYFUqaYEKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4QHWPunQ02FrDYFUqaYEKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Wed, 07 Dec 2022 08:15:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-zzrSXEnNv2RGste6ifaCfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: application/binary
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Wed, 07 Dec 2022 08:15:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/swg/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rampart.js Show response
www.couriermail.com.au/remote/identity/rampart/latest/ Frame 4FCD 277 KB
83 KB 308ms
308ms Script
application/x-javascript 23.195.152.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.couriermail.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/main.js?0518da4528600a3980ec

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-111.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security: max-age=600 ; includeSubDomains
content-encoding: gzip
date: Wed, 07 Dec 2022 08:15:42 GMT
server: AkamaiNetStorage
etag: "b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary: User-Agent, Accept-Encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.couriermail.com.au/csp-reports
content-type: application/x-javascript
cache-control: max-age=603
is-https: true
x-opw: 4
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Wed, 07 Dec 2022 08:25:45 GMT

GET
H2 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/couriermail.com.au/ 2 B
525 B 507ms
205ms Fetch
application/json 142.251.10.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/couriermail.com.au/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f100.1e100.net

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.couriermail.com.au
report-to: {"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame FCB4 672 B
579 B 410ms
202ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=66b6134c-df0f-446d-ae14-dffacf328b65&u_scsid=15f625a4-a7d9-4151-817e-0c6d3866b5c6&u_sclid=f6567421-af94-4338-a68c-6b908795d653

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: gzip
content-type: text/html
date: Wed, 07 Dec 2022 08:15:42 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google
x-envoy-upstream-service-time: 9

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 81 B
483 B 401ms
192ms XHR
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=66b6134c-df0f-446d-ae14-dffacf328b65&tld=au

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

b75447cb38ef41b1b3b31e18c5f61ce393365be3631c6c880acb76b4445d2571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.couriermail.com.au
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 195 KB
55 KB 225ms
224ms Script
application/javascript 13.35.8.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P2BB92677-1922-4DBE-B13B-691D7AB311D0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-99.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding: gzip
via: 1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
date: Wed, 07 Dec 2022 08:03:33 GMT
x-amz-cf-pop: SIN5-C1
age: 730
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 28 Sep 2022 14:09:01 GMT
server: AmazonS3
etag: W/"81a9e2a298d0019660cb2966f0c24748"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: ZpprJKuxT9RRqpb5xmCemEHcCrXyQHq-34MdcMnL2EiP5eyRxNgutA==

POST
H2 200 csp-report
q.stripe.com/ Frame D040 0
570 B 1113ms
546ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D040 0
570 B 1106ms
540ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D040 631 B
1 KB 194ms
194ms Script
text/javascript 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 07 Dec 2022 07:54:51 GMT
x-content-type-options: nosniff
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1251
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 02 Dec 2022 21:10:13 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: DAuDc4yU-uRUNAmT62hjIQKfCy2u7pLw-j6zZ92-VcIUz5-sBd7RCQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 2A4D 0
571 B 1093ms
535ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-976124c48ece5d1509a4173f901dafda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A4D 294 KB
66 KB 213ms
210ms Script
text/javascript 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5f29bbb03d81835920ce91ae962981dbaa21d29646d0f23496990e53df9410bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 07:39:57 GMT
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2204
x-cache: Hit from cloudfront
last-modified: Tue, 06 Dec 2022 23:37:16 GMT
server: Cloudfront
etag: W/"62a84552bc785c288c347ebb38300d6d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: pPkkunJ4jDWSrrkOatkxo-HZq85tpg5QixlRmnOXSqw0LhP1VdNwlw==

GET
H2 200 controller-67c708f2f16cc22c7e462cfa14c45cde.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A4D 441 KB
107 KB 283ms
281ms Script
text/javascript 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-67c708f2f16cc22c7e462cfa14c45cde.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1ef2f48fd67df5e82f2d1510b4032ca3b26ead2b047e039e8b13d5b6ad2ca8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 07:39:57 GMT
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2205
x-cache: Hit from cloudfront
last-modified: Tue, 06 Dec 2022 23:37:14 GMT
server: Cloudfront
etag: W/"57ebf4bbda8f9d839654d5aab7f78add"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Pj3iho_qHZIArVS-mVOvHNlmwetJf3gE5HZlBhkClG_Ds2HimE5dEg==

POST
H2 200 csp-report
q.stripe.com/ Frame 1451 0
570 B 1101ms
551ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1451 0
570 B 1101ms
552ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 1451 102 KB
33 KB 648ms
262ms Script
application/javascript 142.251.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-38dc4e74a2fa5e49501493e539cbe040.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f92.1e100.net

Software

ESF /

Resource Hash

c413481b097d186faa4edfe7ebbc0f29aeba2fa9742c8a05377cce87b14f3e18

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g8V5cutuKJopXxSV4B1KFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-g8V5cutuKJopXxSV4B1KFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 07 Dec 2022 08:15:42 GMT

GET
H2 200 shared-976124c48ece5d1509a4173f901dafda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1451 294 KB
66 KB 425ms
425ms Script
text/javascript 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-38dc4e74a2fa5e49501493e539cbe040.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5f29bbb03d81835920ce91ae962981dbaa21d29646d0f23496990e53df9410bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-38dc4e74a2fa5e49501493e539cbe040.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 07:39:57 GMT
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2204
x-cache: Hit from cloudfront
last-modified: Tue, 06 Dec 2022 23:37:16 GMT
server: Cloudfront
etag: W/"62a84552bc785c288c347ebb38300d6d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: i7VevMd5WQ-EbZh1tsANIJJMG7RoKSHEbjQXz_K8l3sHRriVmx-mkw==

GET
H2 200 payment-request-inner-google-pay-95d47082c4cb0cd058abd5fb4db6de84.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1451 9 KB
4 KB 202ms
195ms Script
text/javascript 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-95d47082c4cb0cd058abd5fb4db6de84.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-38dc4e74a2fa5e49501493e539cbe040.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ca2da25ca733139ab1211bc78a116fdc99158a89c2cf9faa5d10d6fb9e09f213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-38dc4e74a2fa5e49501493e539cbe040.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 07:23:41 GMT
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 3133
x-cache: Hit from cloudfront
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Cloudfront
etag: W/"1d702381bed2746ffebb1ffefc2444b4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -BT67onWVCtz8VdQBzKDY7XsgloRbEUkTPRgUh0PeLiLqzU3RkUK3w==

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B635
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5BLrAAAAI2JDAMg

43 B
766 B

629ms
199ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5BLrAAAAI2JDAMg
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 08:15:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

x-served-by: cache-syd10179-SYD
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1670400942.177657,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5BLrAAAAI2JDAMg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C4BD 0
570 B 1090ms
553ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C4BD 0
570 B 1086ms
551ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-976124c48ece5d1509a4173f901dafda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C4BD 294 KB
66 KB 488ms
487ms Script
text/javascript 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-04d1534596bfa6fd80b5913e4938ec02.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5f29bbb03d81835920ce91ae962981dbaa21d29646d0f23496990e53df9410bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-04d1534596bfa6fd80b5913e4938ec02.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 07:39:57 GMT
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2204
x-cache: Hit from cloudfront
last-modified: Tue, 06 Dec 2022 23:37:16 GMT
server: Cloudfront
etag: W/"62a84552bc785c288c347ebb38300d6d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TSwmMA_97fE708__IEN7ql3SCNXf_Ax7rZ3Fp2Ln-UEjnMQYSfRF6g==

GET
H2 200 payment-request-inner-browser-db489d3ed3c03d228ca7eae98380b4bb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C4BD 11 KB
5 KB 530ms
529ms Script
text/javascript 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-db489d3ed3c03d228ca7eae98380b4bb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-04d1534596bfa6fd80b5913e4938ec02.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

60b7417fecca912926f6bfa3a11c2e50d18e6c7490e759448cfb6feed573cf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-04d1534596bfa6fd80b5913e4938ec02.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 07:38:49 GMT
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2299
x-cache: Hit from cloudfront
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Cloudfront
etag: W/"c8e2b06db6e11dea0461de74e850b6a6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PP9o2LHEho1Fw78eIfW-IVKlZZ7EdGW7-dIOoJUZUIHI_W6fi2zn5g==

POST
H2 200 p
tr.snapchat.com/ 68 B
307 B 354ms
197ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://www.couriermail.com.au
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 4
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

POST
H2 200 s64596421011741 Show response
metrics.couriermail.com.au/b/ss/newscorpau-cmweb,newscorpau-global/10/JS-2.22.4/ 5 KB
5 KB 902ms
287ms XHR
application/x-javascript 63.140.36.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.couriermail.com.au/b/ss/newscorpau-cmweb,newscorpau-global/10/JS-2.22.4/s64596421011741

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-117.data.adobedc.net

Software

jag /

Resource Hash

d1f89af6a7316125560b20cc46d563e6f85b8eff1cf259bdb801cf8bfeb4e58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-aam-tid: dWCbpPY6SYE=
date: Wed, 07 Dec 2022 08:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4904
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-2-v041-0a0ce6a7d.edge-usw2.demdex.com 5 ms
pragma: no-cache
last-modified: Thu, 08 Dec 2022 08:15:42 GMT
server: jag
etag: 3587158709354233856-4619616687841965541
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.couriermail.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Tue, 06 Dec 2022 08:15:42 GMT

POST
H2 200 p
tr.snapchat.com/ 68 B
277 B 305ms
199ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://www.couriermail.com.au
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 hit.gif
au-script.dotmetrics.net/ 43 B
1 KB 289ms
288ms Image
image/gif 54.192.150.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-script.dotmetrics.net/hit.gif?id=13065&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&dom=www.couriermail.com.au&r=1670400942209&pvs=1&pvid=bb365b26-23b6-4128-9232-fe91654afd99&c=true&tzOffset=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-4.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
dotmetrics-hit-status: 01 OK
via: 1.1 d103b7ce7f019a66fa1afbceb8b1f1c0.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: image/gif
cache-control: no-cache
x-amz-cf-id: 5zBSmSFvyuTjO0AkjN-SKX9IaUpNZeqJ3icmPo_tW--RjT7Yf9m2PA==

GET
H2 200 hit.gif
rm-script.dotmetrics.net/ 807 B
1 KB 598ms
193ms Image
image/gif 18.155.68.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rm-script.dotmetrics.net/hit.gif?id=13065&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&dom=www.couriermail.com.au&r=1670400942209&pvs=1&pvid=bb365b26-23b6-4128-9232-fe91654afd99&c=true&tzOffset=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-56.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 10:19:38 GMT
via: 1.1 5d49db79ec0e6c45ef2f26e185dbc432.cloudfront.net (CloudFront)
last-modified: Mon, 04 Apr 2022 10:59:12 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
age: 78965
etag: "e4f758e6322c8f8abfa1f6eba71ee873"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 807
x-amz-cf-id: DOm22-jqfQDOrkn9utbf7ywT5xk9OsWn3dGLMRQHUNE4uSKkZ9KoMQ==

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B635
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Y5BLrAAAAI2JDAMg

43 B
1 KB

250ms
250ms

Image
image/gif

104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Y5BLrAAAAI2JDAMg

Protocol

HTTP/1.1

Server

104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 08:15:42 GMT
AN-X-Request-Uuid: 45560f1b-a9b0-4bf6-b5f3-e9f816f93e2f
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-syd10179-SYD
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1670400942.268472,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Y5BLrAAAAI2JDAMg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B50D 930 B
1 KB 301ms
96ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 19
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 08:15:42 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 10
x-content-type-options: nosniff
x-request-id: 20ecdcee-e69e-4c62-9bd4-5ef45a55c18f
x-served-by: cache-syd10174-SYD
x-timer: S1670400943.549054,VS0,VE0

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 18 KB
2 KB 1458ms
913ms XHR
application/octet-stream 184.28.235.216
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.28.235.216 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-28-235-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: bIFHgs3f7FKtm47jv0JKYRYBVt8CgyHo
content-encoding: gzip
date: Wed, 07 Dec 2022 08:15:43 GMT
last-modified: Tue, 06 Dec 2022 06:58:22 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: "4a5e4a11bf4a74aeb574379e169fa679"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=403
accept-ranges: bytes
x-amz-cf-id: HKbFQdnWdXDJ_NhSGo-uZ6hEXdhEctW_--seuDsbW-7DApHCMHXYNw==
content-length: 1284

GET
H2 200 script.js Show response
au-script.dotmetrics.net/Scripts/ 79 KB
33 KB 299ms
299ms Script
application/javascript 54.192.150.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/Scripts/script.js?v=218
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-4.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: 9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
content-encoding: br
via: 1.1 d103b7ce7f019a66fa1afbceb8b1f1c0.cloudfront.net (CloudFront)
last-modified: Tue, 29 Nov 2022 15:20:21 GMT
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "1d90406186815f7"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: YnDGmKLU4LYvQ1GhuTTzb_uxpfvU6LJnlQHTgAQB2ZuhXg1XweJyGQ==

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B635
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5BLrAAAAI2JDAMg
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y5BLrAAAAI2JDAMg

43 B
61 B

293ms
193ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y5BLrAAAAI2JDAMg
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:43 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y5BLrAAAAI2JDAMg
date: Wed, 07 Dec 2022 08:15:42 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 584ms
194ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=683769168692807&ev=PageView&dl=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&rl=&if=false&ts=1670400942424&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1670400942422.392122306&it=1670400941950&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Dec 2022 08:15:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 585ms
195ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=683769168692807&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&rl=&if=false&ts=1670400942425&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.2.1670400942422.392122306&it=1670400941950&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Dec 2022 08:15:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B635
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5BLrAAAAI2JDAMg

1 B
450 B

941ms
315ms

Image
text/html

103.231.98.194
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5BLrAAAAI2JDAMg
Protocol: H2
Server: 103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 08:15:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-syd10179-SYD
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1670400942.480797,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5BLrAAAAI2JDAMg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 messages Show response
dsf.newscorpaustralia.com/dailytelegraph/wp-json/dsf-api/ Frame 4FCD 6 KB
2 KB 97ms
97ms XHR
application/json 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://dsf.newscorpaustralia.com/dailytelegraph/wp-json/dsf-api/messages

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/33.js?0518da4528600a3980ec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

56bc687b2a58d0145a7ab051dba9a1c8d64ff4bc048122726ed0960686e6d2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://subscriptions.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
x-cache: hit
content-length: 1418
x-rq: syd1 0 2 9980
server: nginx
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://subscriptions.couriermail.com.au
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=60
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
accept-ranges: bytes
x-robots-tag: noindex
link: <https://dsf.newscorpaustralia.com/dailytelegraph/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame FCB4 27 KB
12 KB 216ms
215ms Script
application/javascript 13.35.14.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=66b6134c-df0f-446d-ae14-dffacf328b65&u_scsid=15f625a4-a7d9-4151-817e-0c6d3866b5c6&u_sclid=f6567421-af94-4338-a68c-6b908795d653
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-14-254.sin5.r.cloudfront.net
Software: CloudFront /
Resource Hash: 842c040a3cc90e5c4f5bd7f571b9e725ab64c9b42595e57cddd56fd5d6cbbaec

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 15:14:41 GMT
content-encoding: gzip
via: 1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN5-C1
age: 61261
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 11972
x-amz-cf-id: Dj7gGp4JUdu20A8kCxoKzTdOiZAZezwh-WfyNugMPydPQqzoJdeUVw==

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame C282 12 KB
4 KB 197ms
196ms Document
text/html 13.35.8.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-99.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2527
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 07 Dec 2022 07:33:36 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Wed, 28 Sep 2022 14:09:00 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
x-amz-cf-id: 2pTnqNKbsw8ehTL_VGNbPyVSsL6HF8paqoG057c41kqwEifPKbTVbg==
x-amz-cf-pop: SIN5-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache: Hit from cloudfront

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2A4D 474 B
865 B 591ms
197ms Fetch
application/json 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-55.sin2.r.cloudfront.net
Software: Cloudfront /
Resource Hash: b5794b20910bf7d0edc6e7465cebcaa2710cc9783823ae65c735b75438d97bd7

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 08:15:40 GMT
via: 1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified: Tue, 06 Dec 2022 23:59:39 GMT
server: Cloudfront
x-amz-cf-pop: SIN2-P1
age: 20
etag: "7e95426b2dee41bc2a592181bcf77b56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: DrldAuXHrFBhTHoDhFLXirO1PJQ4qltgByYK8hHtXWjx-vjOGJLSYw==

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame B635
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5BLrAAAAI2JDAMg&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5BLrAAAAI2JDAMg&img=1&__user_check__=1&sync_id=5826743a-7607-11ed-adde-11edc3220107

43 B
548 B

198ms
198ms

Image
image/gif

103.71.26.125
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5BLrAAAAI2JDAMg&img=1&__user_check__=1&sync_id=5826743a-7607-11ed-adde-11edc3220107
Protocol: HTTP/1.1
Server: 103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 08:15:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 93
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 07 Dec 2022 08:15:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=Y5BLrAAAAI2JDAMg&img=1&__user_check__=1&sync_id=5826743a-7607-11ed-adde-11edc3220107
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 51
Connection: keep-alive
Content-Length: 0

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame CE86 2 KB
3 KB 569ms
568ms Document
text/html 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=0v9i7KoW6MBLSfe036YSQT79zA8Zaz4Y&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fsubscriptions.couriermail.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=kx-M-BQXLDAiPvDmhHV4ZLtXF6S729az&nonce=NcsFJ7uEXdHlJ155kyZTObQIxgwnKgMD&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D

Requested by

Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

32820bc643f0c49be0d48291ff7f087be3b17209d3fa8b53ebec362a556f5dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscriptions.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 775bd0a46ab48323-KIX
content-encoding: gzip
content-length: 812
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type: text/html;charset=UTF-8
date: Wed, 07 Dec 2022 08:15:43 GMT
expires: Wed, 07 Dec 2022 08:15:43 GMT
ot-baggage-auth0-request-id: 775bd0a46ab48323
ot-tracer-sampled: true
ot-tracer-spanid: 49ed9bd00121abab
ot-tracer-traceid: 3320983162a45965
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-00000000000000003320983162a45965-49ed9bd00121abab-01
tracestate: auth0-request-id=775bd0a46ab48323,auth0=true
vary: Accept-Encoding
x-akamai-transformed: 9 549 0 pmb=mTOE,3
x-auth0-requestid: 9bd2ac35519a360287e2
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1670400943

POST
H2 200 csp-report
q.stripe.com/ Frame B50D 0
344 B 554ms
548ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 582ms
191ms Script
application/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.couriermail.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 580ms
190ms Script
application/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.couriermail.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
779 B 233ms
232ms XHR
text/plain 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=484100326631072&correlator=818529158514956&hxva=1&scor=932776740188477&eid=31070872%2C31071154&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=5129&enc_prev_ius=%2F0%2F&prev_iu_szs=1x1&ifi=1&adks=14334197&sfv=1-0-40&ists=1&prev_scp=pos%3D1&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D18ea50a1dfa37a3fbdebf8ed11c91e4c%26sec1%3Dsops%26sec2%3Dsubscription%26sec3%3Dcustomerdetails%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dbreach%252Cshopfront%26adl%3Dfalse%26abtest%3Da%26pvid%3D18ea50a1dfa37a3fbdebf8ed11c91e4c-00000000000000000000000000000000-1670400941367-246327&sc=1&cookie_enabled=1&abxe=1&dt=1670400942681&lmt=1670400942&dlt=1670400935795&idt=6717&adxs=0&adys=3200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&frm=20&vis=1&psz=1600x3200&msz=1600x0&fws=4&ohw=1600&ga_vid=242175962.1670400943&ga_sid=1670400943&ga_hid=1085421908&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

cafe /

Resource Hash

1610772654afe7c0c2876afdd9b32a57e79d439579ccfeefcc0ff6016abd678e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 750
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.couriermail.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 581ms
199ms XHR
application/json 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f155.1e100.net

Software

cafe /

Resource Hash

8d8bc31db5174f8e2ffcd24611b3fdfa2b8d3f5fdf2d1dbf3dda76f365347761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11176
x-xss-protection: 0

GET
H2 200 container.html Show response
9d0491d1fa772dbd92de3c6053a9f1cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8DDE 6 KB
3 KB 583ms
191ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9d0491d1fa772dbd92de3c6053a9f1cb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 08:15:43 GMT
expires: Thu, 07 Dec 2023 08:15:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame 2A4D 308 B
953 B 802ms
405ms Fetch
application/json 13.228.68.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_OuQN80LPo08deCUxUoJBFBcW0004q5b1vq&stripe_js_id=09aac0a8-ff19-4555-b468-0deb7838dc97

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.228.68.255 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-68-255.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

54c62e6d86591d9f63d2447dbfe6aff96a02dde162bf1a3d425ff12abe0b8381

Security Headers

Name	Value
Content-Security-Policy	report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-security-policy: report-uri /csp-report?p=%2Felements%2Flink-config;block-all-mixed-content;default-src 'none' 'report-sample';base-uri 'none';form-action 'none';style-src 'unsafe-inline';frame-ancestors 'self';connect-src 'self';img-src 'self' https://b.stripecdn.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 308
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Origin
x-robots-tag: none
access-control-allow-headers: x-stripe-csrf-token
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame B50D 86 KB
16 KB 98ms
97ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 07 Dec 2022 08:15:42 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 12
x-cache: HIT
content-length: 16031
x-request-id: 717dbc69-50da-42c7-b6aa-fdb962459735
x-served-by: cache-syd10174-SYD
server: Fastly
x-timer: S1670400943.747762,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 8

GET
H2

200

b.php
www.facebook.com/fr/ Frame B635
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5BLrAAAAI2JDAMg&t=2592000&o=0

43 B
692 B

416ms
415ms

Image
image/gif

157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5BLrAAAAI2JDAMg&t=2592000&o=0

Protocol

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 00:15:43 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: /Af4UC96cqGCVKKxQBlLLWvv5PANH3kTyWgMJJw5p91lrjIvvRD4PhQYBLRmTUbl/NwTotx4vfI6DVGLIOWZhA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type: image/gif
cache-control: public, max-age=0
priority: u=3,i
expires: Wed, 07 Dec 2022 00:15:43 PST

Redirect headers

x-served-by: cache-syd10179-SYD
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1670400943.771761,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5BLrAAAAI2JDAMg&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 5534
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1670400942778&u_scsid=298656df-ed1f-4488-9ebc-c3b97f0f09b8&u_sclid=9c2b3896-a34c-4e5d-9394-ea20b5764397
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1669839997493%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1669839997493%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1669839997493&pnid=140&pcid=e41ca4a4-36ac-4a2b-8b5b-12c33b289dbb

0
17 B

204ms
204ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1669839997493&pnid=140&pcid=e41ca4a4-36ac-4a2b-8b5b-12c33b289dbb

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Wed, 07 Dec 2022 08:15:43 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 12

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 07 Dec 2022 08:15:43 GMT
location: https://tr.snapchat.com/cm/p?rand=1669839997493&pnid=140&pcid=e41ca4a4-36ac-4a2b-8b5b-12c33b289dbb
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 88C1 0
27 B 219ms
219ms Other
text/html 142.251.10.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-l4ltwuJdNeiz8MQiJ4xHGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Dec 2022 08:15:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-l4ltwuJdNeiz8MQiJ4xHGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 88C1 21 KB
6 KB 191ms
191ms Stylesheet
text/css 142.251.10.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f100.1e100.net

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 07:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 08:23:20 GMT

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame C282 44 B
721 B 624ms
196ms Image
image/gif 54.169.248.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P2BB92677-1922-4DBE-B13B-691D7AB311D0&sessionId=pjskdfjym4egiv3p7onxajyuobcpa1670400942&c16=sdkv,bj.6.0.0&uoo=&fp_id=k6ul3gz0toywexjdgq7tr2glmy8uk1670400942&fp_cr_tm=1670400942548&fp_acc_tm=1670400942548&fp_emm_tm=1670400942548&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.248.180 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-248-180.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:43 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
pjskdfjym4egiv3p7onxajyuobcpa1670400942.nuid.imrworldwide.com/ Frame C282 35 B
349 B 621ms
195ms Image
image/gif 54.192.150.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pjskdfjym4egiv3p7onxajyuobcpa1670400942.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-103.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:04:28 GMT
via: 1.1 2feec21fa6ad8ca419b922ab129d0a2a.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 25876
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: NYoQDUdHwSdK5tVLWuaikeAaNwDqTZIIROm1utAgagsJfx6W--J6Tw==

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/am=XQYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame 88C1 177 KB
63 KB 575ms
191ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/am=XQYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6YEDooOFTDznodDo-9bGI0vjxURA/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

56560c59cbf49be8be710aaa2c33e3ec9ea436a4b6152240a7a48acc875c58ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 05:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63672
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 05:54:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 05:39:57 GMT

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame B635 43 B
378 B 393ms
191ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-vcl-time-ms: 94
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:43 GMT
via: 1.1 varnish
x-served-by: cache-syd10177-SYD
server: nginx
x-timer: S1670400943.122380,VS0,VE94
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 SiteEvent.dotmetrics Show response
au-script.dotmetrics.net/ 399 B
1 KB 483ms
482ms Script
application/javascript 54.192.150.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjUsImZsIjp0cnVlLCJkb20iOiJ3d3cuY291cmllcm1haWwuY29tLmF1IiwibHNvIjpudWxsLCJ1cmwiOiJodHRwczovL3d3dy5jb3VyaWVybWFpbC5jb20uYXUvc3Vic2NyaWJlL25ld3MvMS8%2Fc291cmNlQ29kZT1DTVdFQl9XUkUxNzBfYSZkZXN0PWh0dHBzJTNBJTJGJTJGd3d3LmNvdXJpZXJtYWlsLmNvbS5hdSUyRm5ld3MlMkZxdWVlbnNsYW5kJTJGMTQwLXBhc3NlbmdlcnMtc3R1Y2stb24tdHJhaW4tYmV0d2Vlbi1zdGF0aW9ucy1wYXJhbWVkaWNzLXRyZWF0LWhlYXQtc3RyZXNzJTJGbmV3cy1zdG9yeSUyRjk1Yjg4ZmIzMjEwZWY0NGIwZjZkOTc0ODIwZDg0NjVmJm1lbXR5cGU9YW5vbnltb3VzJm1vZGU9cHJlbWl1bSZ2MjE9ZHluYW1pYy1ncm91cGItY29udHJvbC1ub3Njb3JlJlYyMXNwY2JlaGF2aW91cj1hcHBlbmQiLCJydXJsIjoiIiwicHZpZCI6ImJiMzY1YjI2LTIzYjYtNDEyOC05MjMyLWZlOTE2NTRhZmQ5OSIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1670400942874
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=218
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-4.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: 4efeb5b4882bd5d6a57fcdb6d9d300cf07e20b9c5d199daafbd00530d650cdfb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-encoding: br
via: 1.1 d103b7ce7f019a66fa1afbceb8b1f1c0.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: SIN2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: SbGaS2t-9XmlWJPUxYVgqUHwl1u0Cnrd99lGb0W0gfi7B1QK7FN_eg==

POST
H2 200 6 Show response
m.stripe.com/ Frame B50D 156 B
522 B 828ms
276ms XHR
application/json 44.240.64.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.64.178 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-64-178.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f47bd3dd6b176fcd2534f9e155a394c25858a444d2dafd2aa95644cfc1a9e5de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 204 0
sync.1rx.io/usersync/adobe/ Frame B635 0
99 B 573ms
189ms Image
text/plain 74.118.186.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:43 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 58CB 18 KB
8 KB 560ms
258ms Document
text/html 142.251.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f92.1e100.net

Software

ESF /

Resource Hash

3408e39d5735ae6f70e8cdb2e2e8f9ba9bcf320636e5921a9044ba9cf37a48c1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DUGK9LX4fcQEBSkIPUnUSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DUGK9LX4fcQEBSkIPUnUSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Wed, 07 Dec 2022 08:15:43 GMT
expires: Wed, 07 Dec 2022 08:15:43 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 88C1 15 KB
16 KB 573ms
191ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464000&publicationId=couriermail.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 02:14:37 GMT
x-content-type-options: nosniff
age: 194466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:14:37 GMT

OPTIONS
H/1.1 200
OK tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 0
0 588ms
102ms Preflight 3.105.99.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.105.99.156 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-105-99-156.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.couriermail.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.couriermail.com.au
Access-Control-Max-Age: 600
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 07 Dec 2022 08:15:43 GMT
Server: nginx

POST
H/1.1 200
OK tp2 Show response
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 2 B
559 B 400ms
101ms XHR
text/plain 3.105.99.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.105.99.156 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-105-99-156.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Wed, 07 Dec 2022 08:15:44 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.couriermail.com.au
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H/1.1 200
OK cookie.html Show response
ncg.tags.news.com.au/prod/ncg/ Frame 1F63 12 KB
4 KB 617ms
197ms Document
text/html 18.155.68.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-80.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Age: 9
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 07 Dec 2022 08:15:35 GMT
ETag: W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified: Mon, 21 Mar 2022 03:18:39 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 fe1f71a38555d37376d318601a210ec4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: z9a-ncQKEnKW_t6n8XNA4b9nFI2-AiAA1P9uciYEPWhKKWv6gD0JFg==
X-Amz-Cf-Pop: SIN52-P1
X-Cache: Hit from cloudfront

GET
H2 200 lookuplist Show response
au.audience.newscgp.com/ 108 B
476 B 716ms
296ms XHR
application/json 13.35.8.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=18ea50a1dfa37a3fbdebf8ed11c91e4c&&bust=16704009431250.9597415353242538&errors-in-body=1
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-86.sin5.r.cloudfront.net
Software: nginx /
Resource Hash: 656c715d01a616ac8cb98b97d0c79cbaed1fa791767dd8a421c7ca3a0935925f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
via: 1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.couriermail.com.au
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 108
x-amz-cf-id: -5Ty2fBKvTJE4k73iP7GHYHO1C4jgDvi9dcNqhiJqITp36QkEWaruw==

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 277ms
273ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 277ms
274ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 278ms
275ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 278ms
276ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 278ms
277ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 281ms
280ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 280ms
279ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 278ms
278ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 286ms
285ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 302ms
272ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 305ms
275ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 306ms
275ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 542ms
511ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 541ms
511ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 524ms
512ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 403 csp-reports
login.newscorpaustralia.com/ Frame 4FCD 0
0 249ms
247ms Other
text/html 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/csp-reports
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-196-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscriptions.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

GET 6e39d6b0
login.newscorpaustralia.com/akam/13/ Frame CE86 0
0

GET nPGwB
login.newscorpaustralia.com/kKr8esI_hQzVe46otMZ5JnJSaqc/EQicpb6DS7/NG4dCQE/TH1sEnJ/ Frame CE86 0
0

GET
H2 200 435.js Show response
subscriptions.couriermail.com.au/caas/1.10.6/ Frame 4FCD 27 KB
9 KB 330ms
325ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/435.js

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/runtime~main.js?0518da4528600a3980ec

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

176a4d7346001286ad894be3cc341bd466f932e48f947c14deddd5ce422ac519

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "d06060475925fd26eebf19d729f1fcd0"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: YE8Ge5wpnTPX22QwRbgDQVgPm2JKqb-WaqFx8q-SapkKeGkqrU4AIA==
content-length: 8641

GET
H2 200 32.js Show response
subscriptions.couriermail.com.au/caas/1.10.6/ Frame 4FCD 8 KB
3 KB 317ms
311ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/32.js

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/runtime~main.js?0518da4528600a3980ec

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

29bb14d12ff9ab767375aee6f4fc6c8e9462639edda07da757e5868fcc32430d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "9ead2a315ad98a09f39a58c6c17a3f72"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=39
accept-ranges: bytes
x-amz-cf-id: PscEjGLRYvRYS3e6h3idXeGMT5cxGaphzqtA_zKzsYOlo576JC0sQQ==
content-length: 2542

GET
H2 200 598.async.js Show response
subscriptions.couriermail.com.au/caas/1.10.6/ Frame 4FCD 17 KB
6 KB 527ms
521ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/598.async.js

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/runtime~main.js?0518da4528600a3980ec

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

fe73f1fd4b06562be19aaeccf8ffeb47aa50dbc383d2e7e0a103ece055aea89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "86af291d0ca4e8daceea8070aa8d16e3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=48
accept-ranges: bytes
x-amz-cf-id: jLZTXOhDnKc7dlUTiXrWcyI99W1UrM-fwHnSePq06IN_h9PJnrHzsQ==
content-length: 5553

GET
H2 200 357.async.js Show response
subscriptions.couriermail.com.au/caas/1.10.6/ Frame 4FCD 25 KB
9 KB 641ms
635ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/357.async.js

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/runtime~main.js?0518da4528600a3980ec

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

dfad6d1cecf7337dcd922f1fab22a655d9e28aedddebb6d8ef5c07c8c277009b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "6849ace129baf5312aeedd2b943cf3b7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
accept-ranges: bytes
x-amz-cf-id: iUqVqJX7JBtNkgU2PNrbrVJieoInTFItG7UuLfiM3wRobiEQvZuHug==
content-length: 8500

GET
H2 200 595.async.js Show response
subscriptions.couriermail.com.au/caas/1.10.6/ Frame 4FCD 126 KB
49 KB 573ms
568ms Script
text/javascript 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/595.async.js

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/runtime~main.js?0518da4528600a3980ec

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

f170904e5bd571a49851d6d0e3671553b0e10c2eac23eb227307f575b548fbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
content-encoding: gzip
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "7542c981435735f26fa98808a9a3514a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: JM_6s_cub9pM8FpNq8VtRYrizt4tkUM9I3LJMy13tARkIAy8GLjMSQ==
content-length: 49395

GET SourceSansPro-Regular.woff2
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FCD 0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 2325ms
1942ms Script
text/javascript 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 08:15:45 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 277ms
276ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 280ms
278ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 280ms
279ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 278ms
278ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 58CB 2 KB
2 KB 190ms
190ms Other
text/html 142.251.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.12.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Dec 2022 08:15:43 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/am=bgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame 58CB 155 KB
55 KB 495ms
192ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/am=bgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhn1dEukpjT--iFQJAw6urQON0mag/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

94f6771f944fb253b6e5dc2c9eee648134de427da9efa8f6613426591a5af12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 17:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55812
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 06:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 17:57:10 GMT

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L... Frame 88C1 133 KB
45 KB 415ms
190ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L.B1.O/am=XQYACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7bWrVu48K3rnYPxHsNNKOh10XSoQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/am=XQYACA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6YEDooOFTDznodDo-9bGI0vjxURA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

436b445873f37e5b317f1aa9ea9c14d253bcb66737cc011915fc52dbb9fe910c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45848
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 01:52:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 20:02:48 GMT

GET
H2 200 Serving Show response
bs.serving-sys.com/ 15 KB
4 KB 672ms
199ms Script
text/html 13.251.75.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=4619123500279215544&pageurl=$$https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend$$&activityValues=$$Session%3D3706307650596794379$$&ns=0&rnd=6915893211292934&uinadv=%7B%7D
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.75.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-75-90.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 534f4fb8b04ee355e0a1a6cb6cb5491a658bfae6f57e68bb915f73dba0fcc919

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:44 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 3008
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 SourceSansPro-Regular.woff
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FCD 122 KB
122 KB 383ms
383ms Font
application/font-woff 13.35.8.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-34.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16195932a322941f8ab596cd871ea6711727114816604b7b3b9cef6151e116b4

Request headers

Referer: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Origin: https://subscriptions.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: hyTeiSdiLXMTlxtBmXSWjZcOot_pN2JS
date: Tue, 06 Dec 2022 19:02:23 GMT
via: 1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 48956
x-cache: Hit from cloudfront
content-length: 124500
last-modified: Wed, 23 Sep 2020 08:43:40 GMT
server: AmazonS3
etag: "81daed0d0e384a1a42f4a73fc5ccf759"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: M8_7vxGp0x2Dm4osFPd8Vk_DtU388KAMhA6rhFejf7uxelhAQK8yYg==

GET
H2 200 SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FCD 2 KB
2 KB 197ms
193ms Stylesheet
text/css 13.35.8.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-34.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: BU9pslV_1tk2oM9KNiljnrkOp3wYAVog
date: Wed, 07 Dec 2022 00:05:15 GMT
via: 1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 29430
etag: "2a13a755f725cea2c202bc30af451d10"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 2173
x-amz-cf-id: fskep2Yu2zyXkHtxbKjVK2KXh_CZHJo82mQXCOueJ-gzaA_pNV6FUQ==

GET
H2 200 Charter.css
subscriptions.news.com.au/media/fonts/Charter/ Frame 4FCD 2 KB
2 KB 201ms
198ms Stylesheet
text/css 13.35.8.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-34.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 78tZPx9F6ldnoT3vI7OxzT3AZa.JXQqe
date: Tue, 06 Dec 2022 13:35:27 GMT
via: 1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:10 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 70005
etag: "9d796e9621f8bd2ea24552819973cb20"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1635
x-amz-cf-id: MUBhy9wHIq9Ci7NuQtAnChlX4CLyEOjQZaKcLNmLC-k4Q9iqgYi5mA==

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 393ms
194ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=683769168692807&ev=Microdata&dl=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&rl=&if=false&ts=1670400943932&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Couriermail.com.au%20%7C%20Subscribe%20to%20The%20Courier%20Mail%20for%20exclusive%20stories%22%2C%22meta%3Adescription%22%3A%22Subscribe%20to%20The%20Courier-Mail%20to%20get%20unrestricted%20digital%20access%2C%20home%20paper%20delivery%2C%20Apps%20for%20iPad%20and%20Android%2C%20member%20only%20%2BRewards%20and%20much%20more...%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.2.1670400942422.392122306&it=1670400941950&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 07 Dec 2022 08:15:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H/1.1 200
OK tp2 Show response
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 2 B
559 B 106ms
105ms XHR
text/plain 3.105.99.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.105.99.156 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-105-99-156.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Wed, 07 Dec 2022 08:15:44 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.couriermail.com.au
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

OPTIONS
H/1.1 200
OK tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 0
0 100ms
100ms Preflight 3.105.99.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.105.99.156 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-105-99-156.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.couriermail.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.couriermail.com.au
Access-Control-Max-Age: 600
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 07 Dec 2022 08:15:44 GMT
Server: nginx

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC... Frame 58CB 69 KB
25 KB 192ms
192ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC9HAltb3I.L.B1.O/am=bgAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriRrLR4jDCBweCyclpYNUKli2TC5Q/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/am=bgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhn1dEukpjT--iFQJAw6urQON0mag/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

04e4d8cf7ebb0f780a5eb3e78094112a3a7ead03b841be437721689e088052df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 17:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25991
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 22:25:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 17:57:11 GMT

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L... Frame 88C1 1 KB
745 B 191ms
190ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L.B1.O/am=XQYACA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7bWrVu48K3rnYPxHsNNKOh10XSoQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

09bcb2bb312dec73303ef599967165578b591dae1c577984ecd2b9d0291507c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 719
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 01:52:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 20:02:48 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 88C1 593 B
439 B 210ms
209ms XHR
application/json 142.251.10.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-6007927095249620440&bl=boq_subscribewithgoogleclientserver_20221204.09_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=29745&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f100.1e100.net

Software

ESF /

Resource Hash

3f996ea06518a446b7943bd79fd649a0746271b475a00dffc9558e61cd347239

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame C952 4 KB
2 KB 592ms
194ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 00:01:54 GMT
Content-Encoding: gzip
Via: 1.1 b0fefe61f56a8633f9022434d425989c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-C1
Age: 29631
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 2fKSwx2HNvbzGcrlldwSlj9TP4k6Lqoh2E_DvzsV_6X7DCvw5Xbhqw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame BC9F 135 KB
52 KB 782ms
400ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1004271682

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

88c657e8dd3d1e77184d9bd380257d510e2438188063b57c2504bbd5f05357bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52963
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 08:15:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C481 135 KB
52 KB 1081ms
714ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-930683048

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

f243d30be41d989ce71bbac306fb71c937a5ffe921845eebace26064411cbbe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52969
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 08:15:44 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 6376 56 KB
15 KB 593ms
195ms Script
application/javascript 199.232.44.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.44.157 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100040-IAD, cache-qpg1231-QPG

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 4ACD 13 KB
5 KB 615ms
212ms Script
application/x-javascript 42.99.140.192
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-192.pacnet.net
Software: /
Resource Hash: 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=30382
accept-ranges: bytes
content-length: 4581

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1E29 134 KB
52 KB 529ms
191ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-694655858

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

fe9521f2eff852ea03541be1b6b87b76213f4d5e91ec329c35e383148a53c1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52987
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 08:15:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame CB3A 134 KB
52 KB 970ms
642ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-694655858

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

1143c0ee2d8a1c15d6adb35aeae8bee904d89da252eaacb1a54d3b1456ba8c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52987
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 08:15:44 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame B987 4 KB
2 KB 595ms
194ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 00:01:54 GMT
Content-Encoding: gzip
Via: 1.1 0ab36911ca4960d388d49f382630062c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-C1
Age: 29632
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: XcnVNxH55rx6FmI0Vje8bFqKzZLTfotUnoHwWZmFaeKPfl5sethzgg==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 1B72 9 KB
4 KB 297ms
97ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append&nk=18ea50a1dfa37a3fbdebf8ed11c91e4c-1670400934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Expires: Mon, 31 Oct 2022 05:58:51 GMT
Date: Wed, 07 Dec 2022 08:15:44 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 8138
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21944-LGA, cache-syd10180-SYD
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1670400945.799288,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 672271, 1846

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 4352 16 KB
6 KB 593ms
196ms Script
application/javascript 106.10.236.37
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

106.10.236.37 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

o1.ycpi.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:04:46 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: 7BMNVBGAWVANVQ6Q
age: 660
x-amz-server-side-encryption: AES256
x-amz-id-2: WRLFOauUhQ/cwG79sBtuCy/Udr9x0QomGRMy4K4p4AVCeGHW0gJLPqHbNcCkCjxJm/KpW4HTUDT8LLMkZmVRhA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2

200

activityi;dc_pre=CN3G2reI5_sCFVbAcwEdGS0NXQ;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222 Show response
8228261.fls.doubleclick.net/ Frame EF9B
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3G2reI5_sCFVbAcwEdGS0NXQ;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985...

402 B
291 B

687ms
385ms

Document
text/html

172.217.194.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3G2reI5_sCFVbAcwEdGS0NXQ;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f149.1e100.net

Software

cafe /

Resource Hash

4cec3b890f3d70b05a8f5a06d56a4079444eb4769e6e35e8d6f1e21e5f590aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 225
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 08:15:45 GMT
expires: Wed, 07 Dec 2022 08:15:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 08:15:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3G2reI5_sCFVbAcwEdGS0NXQ;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CLPE2reI5_sCFZTOcwEdbdMJVw;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745 Show response
8228261.fls.doubleclick.net/ Frame D34A
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLPE2reI5_sCFZTOcwEdbdMJVw;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=296098855745...

403 B
295 B

505ms
202ms

Document
text/html

172.217.194.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CLPE2reI5_sCFZTOcwEdbdMJVw;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f149.1e100.net

Software

cafe /

Resource Hash

7a1f8d84aca7408c5590eb9f7727fdf3c4e1cf84203fde645f4b4716b9b398f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 226
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 08:15:45 GMT
expires: Wed, 07 Dec 2022 08:15:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 08:15:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLPE2reI5_sCFZTOcwEdbdMJVw;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CNyx2reI5_sCFYap2AUd0EkHqQ;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016 Show response
8228261.fls.doubleclick.net/ Frame ABDB
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNyx2reI5_sCFYap2AUd0EkHqQ;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=997428989448...

402 B
334 B

505ms
200ms

Document
text/html

172.217.194.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CNyx2reI5_sCFYap2AUd0EkHqQ;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f149.1e100.net

Software

cafe /

Resource Hash

5dfd08c79bf9a0c288462b215f455c270894ecdbd13f86f50d76579b94963394

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 225
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 08:15:45 GMT
expires: Wed, 07 Dec 2022 08:15:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 08:15:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNyx2reI5_sCFYap2AUd0EkHqQ;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 6C9D 45 KB
17 KB 578ms
195ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16824
x-xss-protection: 0
server: cafe
etag: 9000569688538989929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 08:15:45 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame CD08 45 KB
17 KB 624ms
252ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16824
x-xss-protection: 0
server: cafe
etag: 9000569688538989929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 08:15:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C7DD
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:sci0vsk&fmt=3
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDQyMmY5YTYtMDQ1OS00MDM4LWJjN2YtNTk1MDAzNzExNTQz&gdpr=0&gdpr_consent=&ttd_tdid=d422f9a6-0459-4038-bc7f-59500...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d422f9a6-0459-4038-bc7f-595003711543&google_gid=CAESEA1Es3AWdBv7xdr5m4tduMA&google_cver=1
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d422f9a6-0459-4038-bc7f-595003711543&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d422f9a6-0459-4038-bc7f-595003711543&expiration=1672992945&gdpr=0&gdpr_consent=

43 B
766 B

584ms
195ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d422f9a6-0459-4038-bc7f-595003711543&expiration=1672992945&gdpr=0&gdpr_consent=
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 08:15:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d422f9a6-0459-4038-bc7f-595003711543&expiration=1672992945&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 8CE1
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:n3q6464&fmt=3
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d422f9a6-0459-4038-bc7f-595003711543&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=

70 B
692 B

99ms
99ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=
date: Wed, 07 Dec 2022 08:15:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame FDB7
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=rx108zq&ct=0:nntfz5f&fmt=3
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=

70 B
692 B

100ms
99ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=
date: Wed, 07 Dec 2022 08:15:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 9208
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=rx108zq&ct=0:0qafetv&fmt=3
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=d422f9a6-0459-4038-bc7f-595003711543&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=

70 B
692 B

104ms
97ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-CHQAoBlE2uKmgHppCTbLvUH0rjb1zK4-~A&gdpr=0&gdpr_consent=
date: Wed, 07 Dec 2022 08:15:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 62DE 43 B
632 B 600ms
200ms Image
image/gif 106.10.236.146
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10041060&js=no&url=couriermailshopfrontpage020419

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

106.10.236.146 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

spdc.pbp.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Dec 2022 08:15:45 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
987 B 755ms
250ms Image
application/javascript 104.254.151.68
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049981&seg=15374671&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 08:15:46 GMT
AN-X-Request-Uuid: 1f57901d-cc41-4ff6-869e-e821b9646f42
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.64; 173.245.209.64; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
987 B 750ms
250ms Image
application/javascript 104.254.151.68
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049977&seg=15374569&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 08:15:46 GMT
AN-X-Request-Uuid: 1d6af4a8-6f36-4530-abad-9cac251e6c6f
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.64; 173.245.209.64; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
987 B 751ms
250ms Image
application/javascript 104.254.151.68
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1049976&seg=15374546&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 08:15:46 GMT
AN-X-Request-Uuid: bf18033f-92c5-43d4-9cee-bc5fbc8b4de6
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.64; 173.245.209.64; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ 43 B
639 B 432ms
231ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_136907&src.rand=[timestamp]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 58CB 1 MB
355 KB 265ms
264ms XHR
text/html 142.251.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f92.1e100.net

Software

ESF /

Resource Hash

c53dc64d7e982594b6e32a03d34a59cac6fc3af2f307a935f49489f291ee67bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ECw_QQqy2nVcQhfykedX7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ECw_QQqy2nVcQhfykedX7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 07 Dec 2022 08:15:44 GMT

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ 44 B
597 B 196ms
195ms Image
image/gif 54.169.248.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b06_subscribe_S&asn=subscribe&fp_id=k6ul3gz0toywexjdgq7tr2glmy8uk1670400942&fp_cr_tm=1670400942548&fp_acc_tm=1670400942548&fp_emm_tm=1670400942548&ve_id=&sessionId=pjskdfjym4egiv3p7onxajyuobcpa1670400942&prv=1&c6=vc,b06&ca=NA&c13=asid,P2BB92677-1922-4DBE-B13B-691D7AB311D0&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,elf9nusqabisminmvydl1hkkcrvj81670400942&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16704009425417252&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1670400941443&c3=st,c&c64=starttm,1670400944&adid=1670400941443&c58=isLive,false&c59=sesid,&c61=createtm,1670400943&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&c66=mediaurl,&sdd=&c62=sendTime,1670400943&rnd=810233
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.248.180 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-248-180.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:44 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 log Show response
play.google.com/ Frame 88C1 131 B
196 B 545ms
244ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 622ms
236ms Preflight
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 88C1 131 B
196 B 566ms
266ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 623ms
239ms Preflight
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 88C1 131 B
196 B 569ms
268ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 622ms
239ms Preflight
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC... Frame 58CB 23 KB
9 KB 190ms
190ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC9HAltb3I.L.B1.O/am=bgAQ/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriRrLR4jDCBweCyclpYNUKli2TC5Q/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

a9324d6ac0a1f04c1b96fb2f2cb3c46a3ef5b454d0baf5fa8670f70947c26e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 06:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9247
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 22:25:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 06:40:42 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC... Frame 58CB 35 KB
13 KB 191ms
191ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC9HAltb3I.L.B1.O/am=bgAQ/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriRrLR4jDCBweCyclpYNUKli2TC5Q/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

78b29ccab278c90124b4e45ebb34eb808a5320266837e3a7fdf90d03b167750f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 17:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13418
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 22:25:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 17:57:11 GMT

POST
H2 200 log Show response
play.google.com/ Frame 58CB 131 B
196 B 595ms
294ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 617ms
240ms Preflight
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 58CB 131 B
196 B 572ms
271ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 614ms
238ms Preflight
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 58CB 131 B
196 B 591ms
290ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 616ms
241ms Preflight
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 58CB 131 B
196 B 576ms
276ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 611ms
238ms Preflight
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 58CB 131 B
196 B 575ms
273ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 608ms
236ms Preflight
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L... Frame 88C1 17 KB
7 KB 202ms
202ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L.B1.O/am=XQYACA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7bWrVu48K3rnYPxHsNNKOh10XSoQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

c27b8b2b56069327dd3f77302914cbe5d326c3955d3e5267eaa0f0173445f7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 23:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 01:52:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 23:39:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 58CB 131 B
152 B 450ms
249ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 782ms
415ms Preflight
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 07 Dec 2022 08:15:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 275ms
274ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:44 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 275ms
274ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:44 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 275ms
274ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:44 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 275ms
274ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:44 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 275ms
275ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:44 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 imgNewsNetwork.jpg
subscriptions.couriermail.com.au/caas/1.10.6/assets/ Frame 4FCD 35 KB
35 KB 257ms
256ms Image
image/jpeg 104.84.196.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subscriptions.couriermail.com.au/caas/1.10.6/assets/imgNewsNetwork.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-196-155.deploy.static.akamaitechnologies.com

Software

Resource Hash

eee4b740fa1ca55446b70cfbdc4ce54b00362f9ccd61c3db2c5f6fe432c340ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:44 GMT
strict-transport-security: max-age=600
last-modified: Tue, 06 Dec 2022 04:26:19 GMT
x-amz-cf-pop: SIN52-C2
etag: "66e5b98efe47b4be5eea14745e58a730"
content-type: image/jpeg
cache-control: max-age=2491914
accept-ranges: bytes
content-length: 35778
x-amz-cf-id: 0XV5Hu5HY9h_aLlWv5y-c6OjVA4cF0u1G5Z-vdX2x-48y-1mt7l4oQ==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 4FCD 884 B
775 B 516ms
215ms Script
text/javascript 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ

Requested by

Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/595.async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

GSE /

Resource Hash

b2f9da38be2058d27215f94cc62665a2fd4110caf0451d00e79664a7d6171c37

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 08:15:45 GMT

GET
H2 200 CM_SDO_P0418A_W04 Show response
commerceapi.news.com.au/offersapi/offers/ Frame 4FCD 37 KB
11 KB 671ms
670ms XHR
application/json 23.195.152.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offers/CM_SDO_P0418A_W04
Requested by: Host: subscriptions.couriermail.com.au
URL: https://subscriptions.couriermail.com.au/caas/1.10.6/33.js?0518da4528600a3980ec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdc2edc6513b6d3249696a1f017590a0c8c54c9905f2b9e743a04b545419e7de

Request headers

Accept: application/json, text/plain, */*
Referer: https://subscriptions.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
x-api-key: 0iwH8Iq4KC9UZKpkJJn6B8SpM7MCC3tl35vR1WF9

Response headers

date: Wed, 07 Dec 2022 08:15:46 GMT
content-encoding: gzip
x-amz-cf-pop: SIN52-C3
x-amzn-requestid: 1336dbdf-df18-482f-842f-7706d68e9e70
x-amzn-trace-id: Root=1-63904bb2-43311ecd34b68e37663e5ca2;Sampled=0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: cxDD5FlSywMFRfQ=
x-amz-cf-id: tQ97JJ7tspggXwHJ9JHZCuGETK9lwH_Y54a9QuyoO-2OVUmy6riEkQ==
content-length: 10163

OPTIONS
H2 200 CM_SDO_P0418A_W04
commerceapi.news.com.au/offersapi/offers/ Frame 0
0 1313ms
544ms Preflight
application/json 23.195.152.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offers/CM_SDO_P0418A_W04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-195-152-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://subscriptions.couriermail.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://subscriptions.couriermail.com.au
content-length: 1
content-type: application/json
date: Wed, 07 Dec 2022 08:15:45 GMT
x-amz-apigw-id: cxDD0Ee6ywMFjjA=
x-amz-cf-id: v-f5vIHCQ2I-KWCmDJKVpABgqiZ1NUhcPpgSWEoKWRTOAWpOlhOhFg==
x-amz-cf-pop: SIN52-C3
x-amzn-requestid: 159542e3-6537-4646-a599-079163277006

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 1B72 42 B
349 B 251ms
250ms Image
image/gif 104.254.150.228
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1670400944851&v=0.0.20&u=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&r=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&st=1670400944851&et=1670400944851&if=1
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 08:15:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 173.245.209.64; 173.245.209.64; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H3 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC... Frame 58CB 11 KB
4 KB 191ms
190ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC9HAltb3I.L.B1.O/am=bgAQ/d=1/exm=Das5Le,EFQ78c,FCpbqb,IZT63,LEikZe,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,lwddkf,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriRrLR4jDCBweCyclpYNUKli2TC5Q/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

6f0a6281453406f83f594591c8fadb99076373dc8a7829da25f07f88f240f85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 17:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4025
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 22:25:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 17:57:11 GMT

POST
H2 200 log Show response
play.google.com/ Frame 58CB 131 B
519 B 649ms
270ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L... Frame 88C1 11 KB
4 KB 190ms
190ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L.B1.O/am=XQYACA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7bWrVu48K3rnYPxHsNNKOh10XSoQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

bb48bc4346d9a1e9909ad7582ede8bffdd28680cf06941f6dfca4cb65f22de7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 10:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4051
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 01:52:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 10:49:56 GMT

POST
H2 200 log Show response
play.google.com/ Frame 88C1 131 B
214 B 619ms
273ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 m=UUJqVe,siKnQd,MpJwZc,KUM7Z,SpsfSb,xQtZb,zbML3c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC... Frame 58CB 33 KB
12 KB 190ms
190ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.6eerCLZLFvg.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.jzC9HAltb3I.L.B1.O/am=bgAQ/d=1/exm=Das5Le,EFQ78c,FCpbqb,IZT63,LEikZe,PrPYRd,RqjULd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,lwddkf,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriRrLR4jDCBweCyclpYNUKli2TC5Q/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=UUJqVe,siKnQd,MpJwZc,KUM7Z,SpsfSb,xQtZb,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

a52a774184c5b2caee04d5b020f092a79ce27f2bc75d365b254296facc74b37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 17:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12370
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 22:25:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 17:57:12 GMT

GET
H3 200 m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L... Frame 88C1 137 KB
43 KB 192ms
192ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.sd7TECXFVL8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.klfhsQ7gtfQ.L.B1.O/am=XQYACA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7bWrVu48K3rnYPxHsNNKOh10XSoQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

9447ea4bcb37f7382b122a07b42b227dec11e72e3a0f512746f10ce186889305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 03:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44255
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 01:52:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 03:39:49 GMT

GET
H2 200 adsct
t.co/i/ Frame 6376 43 B
379 B 458ms
255ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=2ca7b917-9fa5-4459-94cd-e29a693cde16&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2b4d3fd8-f169-49d7-97da-7a4b44f2403a&tw_document_href=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&tw_document_referrer=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3fll&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_l /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-response-time: 157
date: Wed, 07 Dec 2022 08:15:45 GMT
strict-transport-security: max-age=0
server: tsa_l
content-type: image/gif;charset=utf-8
x-transaction-id: d449671223308661
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6d7af81c992d1eee8ce7d4202ed7dd4f262d20523c454afc65d763b6ed34ff4d
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 6376 43 B
396 B 470ms
259ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2ca7b917-9fa5-4459-94cd-e29a693cde16&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2b4d3fd8-f169-49d7-97da-7a4b44f2403a&tw_document_href=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&tw_document_referrer=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3fll&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_l /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-response-time: 158
date: Wed, 07 Dec 2022 08:15:45 GMT
strict-transport-security: max-age=631138519
server: tsa_l
content-type: image/gif;charset=utf-8
x-transaction-id: 33548ba8f083a5a4
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a18562852910bb43d053e6d0f326dcf3088f9161acccc28f7eda88132a9a5d7f
content-length: 43

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/822178/domain/couriermail.com.au/ Frame 0
0 611ms
195ms Preflight 13.35.8.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/822178/domain/couriermail.com.au/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-26.sin5.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.couriermail.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 39638
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Tue, 06 Dec 2022 21:15:07 GMT
via: 1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
x-amz-cf-id: RbZtoj7AUkWtYCl9Ev-umx3pfBiVuDLjk1plSfEarBnrzvvmy6Bx5g==
x-amz-cf-pop: SIN5-C1
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/822178/domain/couriermail.com.au/ Frame 4ACD 36 B
367 B 197ms
196ms XHR
application/json 13.35.8.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/822178/domain/couriermail.com.au/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-26.sin5.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Dec 2022 00:47:12 GMT
content-encoding: gzip
via: 1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 26913
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=35834
x-amz-cf-id: mJjHgh23Z85Wi43dCN9i-JxpysMo8_iSJf6RGdrJHVG3G4hWQ2KYWA==

GET
H2

200

/
p.adsymptotic.com/d/px/ Frame 4ACD
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=822178&time=1670400945145&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=822178&time=1670400945145&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D822178%26time%3D1670400945145%26url%3Dhttps%253A%252F%252Fwww.couriermail.com.au%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=822178&time=1670400945145&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ea413614-ce1f-4642-9a22-3c64c39bb8e7
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ea413614-ce1f-4642-9a22-3c64c39bb8e7&_expected_cookie=4f5f0e6c7ae4109653bbcdf0...

43 B
164 B

232ms
231ms

Image
image/gif

104.18.100.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ea413614-ce1f-4642-9a22-3c64c39bb8e7&_expected_cookie=4f5f0e6c7ae4109653bbcdf0b9a1b728
Requested by: Host: www.couriermail.com.au
URL: https://www.couriermail.com.au/subscribe/news/1/?sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&memtype=anonymous&mode=premium&v21=dynamic-groupb-control-noscore&V21spcbehaviour=append
Protocol: H2
Server: 104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Wed, 07 Dec 2022 08:15:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775bd0c4eb87a835-SYD
content-length: 43
content-type: image/gif

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ea413614-ce1f-4642-9a22-3c64c39bb8e7&_expected_cookie=4f5f0e6c7ae4109653bbcdf0b9a1b728
date: Wed, 07 Dec 2022 08:15:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775bd0c3a957a835-SYD
content-length: 0

GET
H2 200 10041060.json Show response
s.yimg.com/wi/config/ Frame 4352 2 B
449 B 581ms
195ms XHR
application/json 106.10.236.37
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10041060.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

106.10.236.37 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

o1.ycpi.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:08:04 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: PXB0R5W9AMHXQ0SB
age: 461
content-length: 2
x-amz-id-2: sC2OVDn7ZCeEAhbMFUlFHFeZcgKlnOEtmVIj3mqW0oJtTscsOLXF9r4M+Voh1O0aNJCIiBzDO4M=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 4FCD 399 KB
159 KB 577ms
198ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscriptions.couriermail.com.au/
Origin: https://subscriptions.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162976
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 08:51:27 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 6C9D 4 KB
1 KB 198ms
197ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1670400945241&cv=9&fst=1670400945241&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

714fe99895afb45b424115f4584f1ac8f9d838962def97506efac794e9d168c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004271682/ Frame CD08 4 KB
1 KB 201ms
200ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004271682/?random=1670400945405&cv=9&fst=1670400945405&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

c4672219f55ef0d5c226b57772971982cdc1fb7f407734adcba9370b3da35c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/859754747/ Frame 6C9D 42 B
64 B 205ms
204ms Image
image/gif 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/859754747/?random=1670400945241&cv=9&fst=1670400000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&fmt=3&is_vtc=1&random=3750076679&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/859754747/ Frame 6C9D 42 B
108 B 499ms
198ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/859754747/?random=1670400945241&cv=9&fst=1670400000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&fmt=3&is_vtc=1&random=3750076679&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004271682/ Frame BC9F 3 KB
1 KB 205ms
205ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004271682/?random=1670400945461&cv=11&fst=1670400945461&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&auid=1623911363.1670400945&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1004271682

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

9fe65c1064cb45fed8931e71e6c557095e44d81b98276d8e252d06b5371022eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1004271682/ Frame BC9F 3 KB
1 KB 497ms
196ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1004271682/?random=1670400945477&cv=11&fst=1670400945477&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wydnCJjn5dgBEMLw794D&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1004271682

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

5017b43ed4b246d3f17a6120a8f7c4823d9e0f0ac9ce3714f3ccf2f24206ef3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1388
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9DDC 833 B
1 KB 101ms
100ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=rx108zq&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&upid=dd9kam9&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: ba5bcd350b717b9b70856f8e5d908f34fee96f7e05853815f97dc8f5d3c76047

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 08:15:45 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/694655858/ Frame 1E29 3 KB
1 KB 252ms
252ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/694655858/?random=1670400945515&cv=11&fst=1670400945515&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&auid=1623911363.1670400945&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-694655858

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

eea51e01b50b78741b39333324d27239cb0e3bdfd335b031052ea982b5de2358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/694655858/ Frame 1E29 3 KB
1 KB 496ms
196ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/694655858/?random=1670400945526&cv=11&fst=1670400945526&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=V1NFCNXEvbQBEPK2nssC&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-694655858

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

d370f2f161299036be0bece18d3bab554843d7175d918538eb7bbbda2759d2a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1388
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9136 833 B
1 KB 101ms
100ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&upid=b5f7l8u&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: ba5bcd350b717b9b70856f8e5d908f34fee96f7e05853815f97dc8f5d3c76047

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 07 Dec 2022 08:15:45 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 9DDC 487 B
986 B 194ms
194ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=rx108zq&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&upid=dd9kam9&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 16:02:31 GMT
Via: 1.1 0ab36911ca4960d388d49f382630062c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-C1
Age: 58395
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: 5Cs5BbWvIBwk0BrgkzcxxYvD_USTxF8HYgq7-IpPXKs4XI6YWv0s2w==

GET
H3 200 /
www.google.com/pagead/1p-user-list/1004271682/ Frame CD08 42 B
64 B 201ms
200ms Image
image/gif 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004271682/?random=1670400945405&cv=9&fst=1670400000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&fmt=3&is_vtc=1&random=2899599248&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1004271682/ Frame CD08 42 B
64 B 410ms
197ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1004271682/?random=1670400945405&cv=9&fst=1670400000000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&fmt=3&is_vtc=1&random=2899599248&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A98 13 KB
5 KB 494ms
189ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 91903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 06:44:03 GMT
expires: Wed, 06 Dec 2023 06:44:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CA2C 783 B
534 B 196ms
195ms Document
text/html 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

GSE /

Resource Hash

3e01140474f82e473d76c485ffe82bc5e8d5b887527c8c1598620a53b391fb1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nBhMKULCyY7CIIhJDg2atw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-nBhMKULCyY7CIIhJDg2atw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 08:15:45 GMT
expires: Wed, 07 Dec 2022 08:15:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 9136 487 B
986 B 194ms
193ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&upid=b5f7l8u&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 16:02:31 GMT
Via: 1.1 b0fefe61f56a8633f9022434d425989c.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-C1
Age: 58395
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: CN-xsrb3tQTuCBzp_SdK_7uDbmQXINpzSSlLEgmcjRWMoU-jLPvJmg==

GET
H2 200 dc_pre=CNyx2reI5_sCFYap2AUd0EkHqQ;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016
adservice.google.com/ddm/fls/z/ Frame ABDB 42 B
262 B 503ms
201ms Image
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNyx2reI5_sCFYap2AUd0EkHqQ;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNyx2reI5_sCFYap2AUd0EkHqQ;src=8228261;type=invmedia;cat=newsc00h;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9974289894487.016?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLPE2reI5_sCFZTOcwEdbdMJVw;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745
adservice.google.com/ddm/fls/z/ Frame D34A 42 B
107 B 502ms
201ms Image
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLPE2reI5_sCFZTOcwEdbdMJVw;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLPE2reI5_sCFZTOcwEdbdMJVw;src=8228261;type=invmedia;cat=newsc00d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2960988557450.3745?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930683048/ Frame C481 3 KB
1 KB 207ms
207ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930683048/?random=1670400945699&cv=11&fst=1670400945699&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&auid=1623911363.1670400945&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930683048

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

a16010faaacfb9d7ab14b870ad1dc41f6878a2fca901d0a4509f5faf814a83d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/930683048/ Frame C481 3 KB
1 KB 343ms
195ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/930683048/?random=1670400945711&cv=11&fst=1670400945711&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=7SdtCKz0xcwBEKix5LsD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-930683048

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

1e0a8884dcb8919964cb9d0640f17d2909b943981df13cbe141cb727515f8996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1004271682/ Frame BC9F 42 B
64 B 201ms
201ms Image
image/gif 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1004271682/?random=1670400945461&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3452088371&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1004271682/ Frame BC9F 42 B
64 B 299ms
199ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1004271682/?random=1670400945461&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3452088371&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/694655858/ Frame CB3A 3 KB
1 KB 201ms
201ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/694655858/?random=1670400945728&cv=11&fst=1670400945728&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&auid=1623911363.1670400945&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-694655858

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

1aae88d4aad995b81415f54ad04b4ad4f2055605a1f0bccff08ad9b563fdb172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 4352 43 B
246 B 200ms
200ms Image
image/gif 106.10.236.146
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2008%3A15%3A45%20GMT&n=0&.yp=10041060&f=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&e=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&enc=UTF-8&yv=1.13.0&isIframe=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

106.10.236.146 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

spdc.pbp.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Dec 2022 08:15:45 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/694655858/ Frame 1E29 42 B
64 B 203ms
203ms Image
image/gif 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/694655858/?random=1670400945515&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1917935619&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/694655858/ Frame 1E29 42 B
64 B 239ms
200ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/694655858/?random=1670400945515&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1917935619&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 5E14
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=d422f9a6-0459-4038-bc7f-595003711543&r=https%3A%2F%2Fmatch.adsrvr.org%2...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

70 B
692 B

99ms
99ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 07 Dec 2022 08:15:46 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, private
date: Wed, 07 Dec 2022 08:15:46 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame E17E
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d422f9a6-0459-4038-bc7f-595003711543&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=d422f9a6-0459-4038-bc7f-595003711543&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

70 B
692 B

102ms
101ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 07 Dec 2022 08:15:47 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Wed, 07 Dec 2022 08:15:47 GMT
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server: nginx

GET
H3 200 dc_pre=CN3G2reI5_sCFVbAcwEdGS0NXQ;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222
adservice.google.com/ddm/fls/z/ Frame EF9B 42 B
63 B 375ms
200ms Image
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN3G2reI5_sCFVbAcwEdGS0NXQ;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CN3G2reI5_sCFVbAcwEdGS0NXQ;src=8228261;type=invmedia;cat=newsc00c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=597750885985.0222?

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 2800
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=d422f9a6-0459-4038-bc7f-595003711543&r=https%3A%2F%2Fmatch.adsrvr.org%2...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

70 B
692 B

99ms
99ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Wed, 07 Dec 2022 08:15:46 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, private
date: Wed, 07 Dec 2022 08:15:46 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1 200
OK syncd Show response
x.bidswitch.net/ Frame F184 43 B
235 B 1185ms
398ms Document
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d422f9a6-0459-4038-bc7f-595003711543&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 07 Dec 2022 08:15:46 GMT
Server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CA2C 0
0 638ms
256ms Image
text/html 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=484100326631072&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/930683048/ Frame C481 42 B
64 B 206ms
206ms Image
image/gif 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930683048/?random=1670400945699&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=668399571&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/930683048/ Frame C481 42 B
64 B 196ms
196ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/930683048/?random=1670400945699&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=668399571&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/694655858/ Frame CB3A 42 B
64 B 209ms
206ms Image
image/gif 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/694655858/?random=1670400945728&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=760125798&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/694655858/ Frame CB3A 42 B
64 B 200ms
196ms Image
image/gif 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/694655858/?random=1670400945728&cv=11&fst=1670400000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=760125798&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com.au/pagead/1p-conversion/1004271682/ Frame BC9F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004271682/?random=24569524&cv=11&fst=1670400945477&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wydnCJjn5dgBEMLw794...
https://www.google.com/pagead/1p-conversion/1004271682/?random=24569524&cv=11&fst=1670400945477&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wydnCJjn5dgBEMLw794D&hn=www.googleadserv...
https://www.google.com.au/pagead/1p-conversion/1004271682/?random=24569524&cv=11&fst=1670400945477&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wydnCJjn5dgBEMLw794D&hn=www.googleads...

42 B
64 B

201ms
200ms

Image
image/gif

172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/1004271682/?random=24569524&cv=11&fst=1670400945477&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wydnCJjn5dgBEMLw794D&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aamJBZHNDcVVwUGNxekgtWWk5Rlg5V19la0pHUGljMktOUmRhZWRDVEZrSExTV1RWSW5NZ19I&is_vtc=1&ocp_id=sUuQY5S4Nfy64t4P4sqb2AQ&cid=CAQSKQDq26N9CWl6C9KX86tfRiqVBdIPpotygHpMVxkh8Kqd4YQWkZHgJ54WIBM&random=3597926200&ipr=y&prhg=0&ezwbk=AZuM4hARSoY9jE6bEnQqsWAPeIRJfyJpnjdb5dHI2VQdv8aDvtDJaN92MxErXOmwZzP8joc2bzsFT7QKvS0yCyBQDBuY

Requested by

Protocol

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-conversion/1004271682/?random=24569524&cv=11&fst=1670400945477&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=wydnCJjn5dgBEMLw794D&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aamJBZHNDcVVwUGNxekgtWWk5Rlg5V19la0pHUGljMktOUmRhZWRDVEZrSExTV1RWSW5NZ19I&is_vtc=1&ocp_id=sUuQY5S4Nfy64t4P4sqb2AQ&cid=CAQSKQDq26N9CWl6C9KX86tfRiqVBdIPpotygHpMVxkh8Kqd4YQWkZHgJ54WIBM&random=3597926200&ipr=y&prhg=0&ezwbk=AZuM4hARSoY9jE6bEnQqsWAPeIRJfyJpnjdb5dHI2VQdv8aDvtDJaN92MxErXOmwZzP8joc2bzsFT7QKvS0yCyBQDBuY
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com.au/pagead/1p-conversion/694655858/ Frame 1E29
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/694655858/?random=1989309736&cv=11&fst=1670400945526&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=V1NFCNXEvbQBEPK2ns...
https://www.google.com/pagead/1p-conversion/694655858/?random=1989309736&cv=11&fst=1670400945526&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=V1NFCNXEvbQBEPK2nssC&hn=www.googleadser...
https://www.google.com.au/pagead/1p-conversion/694655858/?random=1989309736&cv=11&fst=1670400945526&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=V1NFCNXEvbQBEPK2nssC&hn=www.googlead...

42 B
64 B

201ms
201ms

Image
image/gif

172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/694655858/?random=1989309736&cv=11&fst=1670400945526&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=V1NFCNXEvbQBEPK2nssC&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9lNHZubzV0d2tSeUJpSU9jSUdFaFExUjVVNjZzSzRJdHd2c2kwMk05Z0xWWjRyM2R1bVZhamRf&is_vtc=1&ocp_id=sUuQY_i0ONGBz7sPk_WYqAE&cid=CAQSKQDq26N9_NHol7vSNfjwVIuUTBkGHPm-ahDTb0EUz6F7hHJn9cH3PNrIIBM&random=1598557136&ipr=y&prhg=0&ezwbk=AZuM4hDK2AdNDZP5aWGDT499Q_kzUUtydruaAv7LZP-zXHI3i-EvOeAtjx3r3JRqOjc0EtlBHYQ9v-Mrvuzk9qeJ8oAy

Requested by

Protocol

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-conversion/694655858/?random=1989309736&cv=11&fst=1670400945526&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=V1NFCNXEvbQBEPK2nssC&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9lNHZubzV0d2tSeUJpSU9jSUdFaFExUjVVNjZzSzRJdHd2c2kwMk05Z0xWWjRyM2R1bVZhamRf&is_vtc=1&ocp_id=sUuQY_i0ONGBz7sPk_WYqAE&cid=CAQSKQDq26N9_NHol7vSNfjwVIuUTBkGHPm-ahDTb0EUz6F7hHJn9cH3PNrIIBM&random=1598557136&ipr=y&prhg=0&ezwbk=AZuM4hDK2AdNDZP5aWGDT499Q_kzUUtydruaAv7LZP-zXHI3i-EvOeAtjx3r3JRqOjc0EtlBHYQ9v-Mrvuzk9qeJ8oAy
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com.au/pagead/1p-conversion/930683048/ Frame C481
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930683048/?random=279419665&cv=11&fst=1670400945711&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=7SdtCKz0xcwBEKix5Ls...
https://www.google.com/pagead/1p-conversion/930683048/?random=279419665&cv=11&fst=1670400945711&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=7SdtCKz0xcwBEKix5LsD&hn=www.googleadserv...
https://www.google.com.au/pagead/1p-conversion/930683048/?random=279419665&cv=11&fst=1670400945711&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=7SdtCKz0xcwBEKix5LsD&hn=www.googleads...

42 B
64 B

203ms
203ms

Image
image/gif

172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/930683048/?random=279419665&cv=11&fst=1670400945711&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=7SdtCKz0xcwBEKix5LsD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aT2ZPYXRIM2dGbW9tM2s1RHh6YkVPTHNlcFI4aWVEcHBGWGhFTVhpTWdQMTB3TFVIaTA3SUN2&is_vtc=1&ocp_id=sUuQY4irOo_h3LUPzOKzwAQ&cid=CAQSKQDq26N9M7F3zBRy07mG0qAQcT7XLL4f8jToFpHI1IzU5TDMB2c9jmr8IBM&random=1430701575&ipr=y&prhg=0&ezwbk=AZuM4hAcCfN17GFMakWqI_9iJUXhpPXEls6CUgx9JmtzhJY_QX6ccY-lCW_dX-eRGRGwVH0sxxmhkX2NfrbujKaw3eK4

Requested by

Protocol

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-conversion/930683048/?random=279419665&cv=11&fst=1670400945711&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&label=7SdtCKz0xcwBEKix5LsD&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&ref=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d974820d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&gtm_ee=1&auid=1623911363.1670400945&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUkltQUgyRkptYV82OGpVck44V3h6NFQtMjZwTkNuUk9SUzBXV2YyWkx3YWtRa21PUWh5U2Y0GlhDaEFJZ0pEQm5BWVFsYmI0X0xfY2xvQTdFaTRBT0hvVU9aT2ZPYXRIM2dGbW9tM2s1RHh6YkVPTHNlcFI4aWVEcHBGWGhFTVhpTWdQMTB3TFVIaTA3SUN2&is_vtc=1&ocp_id=sUuQY4irOo_h3LUPzOKzwAQ&cid=CAQSKQDq26N9M7F3zBRy07mG0qAQcT7XLL4f8jToFpHI1IzU5TDMB2c9jmr8IBM&random=1430701575&ipr=y&prhg=0&ezwbk=AZuM4hAcCfN17GFMakWqI_9iJUXhpPXEls6CUgx9JmtzhJY_QX6ccY-lCW_dX-eRGRGwVH0sxxmhkX2NfrbujKaw3eK4
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A98 36 KB
16 KB 334ms
190ms Script
text/javascript 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f155.1e100.net

Software

sffe /

Resource Hash

f35ff183302d0372ba0544afc65be2611aa229162a3c7de35cc920deb6e4d9f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 05:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15897
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 05:25:34 GMT

POST
H/1.1 200
OK tme
lm.serving-sys.com/lm/ 0
188 B 2908ms
379ms Ping
text/plain 3.73.8.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/tme
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.8.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.couriermail.com.au
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

POST
H/1.1 200
OK tme
lm.serving-sys.com/lm/ 0
188 B 2929ms
395ms Ping
text/plain 3.73.8.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/tme
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.8.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.couriermail.com.au
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
DATA 200
OK truncated
/ Frame 4FCD 520 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 698b75b34c376b73b97acf42f0ec14f3554b420e658c4fe98d87721e4b5f7d8a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4FCD 466 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Charter_Bold.woff2
subscriptions.news.com.au/media/fonts/Charter/ Frame 4FCD 11 KB
11 KB 259ms
257ms Font
binary/octet-stream 13.35.8.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter_Bold.woff2
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-34.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45a844d6787e4364f8c0ab321b2d5680d48604886d045685b6bf9c582518db9d

Request headers

Referer: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Origin: https://subscriptions.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:49:03 GMT
x-amz-version-id: 1b6Z9wm5mjr_.l.HoLoCCXx3v3T_1CSx
via: 1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 70004
x-cache: Hit from cloudfront
content-length: 11024
last-modified: Wed, 23 Sep 2020 08:43:11 GMT
server: AmazonS3
etag: "d7b524ce6a47a156d5f7767297b358f7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: PVEI8U8IdeCPuMoFHeFLcng2nPgaAQKbfR5xnkMyNGTaEMk_z7vX0Q==

GET SourceSansPro-Regular.woff2
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FCD 0
0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 84BC 42 KB
22 KB 204ms
203ms Document
text/html 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmNvdXJpZXJtYWlsLmNvbS5hdTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=g19uytvqm30s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

GSE /

Resource Hash

bb55e4f098a9965bb38831264fb4f0c2a69f3f6e1605b73c077f0523a5a4e6d5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HN-5MdYHF-zIVQg5dgJzzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subscriptions.couriermail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22229
content-security-policy: script-src 'report-sample' 'nonce-HN-5MdYHF-zIVQg5dgJzzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 08:15:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK tme
lm.serving-sys.com/lm/ 0
188 B 2808ms
397ms Ping
text/plain 3.73.8.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/tme
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.8.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.couriermail.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.couriermail.com.au
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 SourceSansPro-Regular.woff
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame 4FCD 122 KB
122 KB 205ms
204ms Font
application/font-woff 13.35.8.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.8.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-8-34.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16195932a322941f8ab596cd871ea6711727114816604b7b3b9cef6151e116b4

Request headers

Referer: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Origin: https://subscriptions.couriermail.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: hyTeiSdiLXMTlxtBmXSWjZcOot_pN2JS
date: Tue, 06 Dec 2022 19:02:23 GMT
via: 1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 48959
x-cache: Hit from cloudfront
content-length: 124500
last-modified: Wed, 23 Sep 2020 08:43:40 GMT
server: AmazonS3
etag: "81daed0d0e384a1a42f4a73fc5ccf759"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: plF50hOS8iYP9FpmSHmXB-_I1IlobIJmcRUN_CijXuBq8ORTizSnbQ==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 84BC 52 KB
24 KB 190ms
190ms Stylesheet
text/css 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmNvdXJpZXJtYWlsLmNvbS5hdTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=g19uytvqm30s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 02:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 02:49:46 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 84BC 399 KB
159 KB 216ms
215ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 08:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162976
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 08:51:27 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4A98 0
10 B 191ms
190ms Image
text/plain 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QjM1DQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ Frame 4FCD 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88641804179ca6d14134f9c4ae904f672f24af374aee53e4026a2cc3bc722836

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 s67087342643466 Show response
metrics.couriermail.com.au/b/ss/newscorpau-cmweb,newscorpau-global/10/JS-2.22.4/ 5 KB
5 KB 288ms
286ms Script
application/x-javascript 63.140.36.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.couriermail.com.au/b/ss/newscorpau-cmweb,newscorpau-global/10/JS-2.22.4/s67087342643466?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=7%2F11%2F2022%208%3A15%3A46%203%200&cid.&newsnkidcookie.&id=18ea50a1dfa37a3fbdebf8ed11c91e4c&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=18ea50a1dfa37a3fbdebf8ed11c91e4c&mid=82676526178865686321563129374040596974&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=cm%7Csops%7Cshopfront%7Cbreach%2Bshopfront&g=https%3A%2F%2Fwww.couriermail.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DCMWEB_WRE170_a%26dest%3Dhttps%253A%252F%252Fwww.couriermail.com.au%252Fnews%252Fqueensland%252F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%252Fnews-story%252F95b88fb3210ef44b0f6d97482&cc=AUD&events=event8%2Cevent19&v1=news%20corp%20au&v2=the%20courier%20mail&v3=the%20courier%20mail%20web&v4=sops&v5=subscription&v6=customer%20details&v9=breach%2Bshopfront&v10=D%3DpageName&v11=D%3Dvid&v14=anonymous&v22=7%3A15%20PM%7CWednesday&v24=New&v34=D%3Dg&v38=CM_SDO_P0418A_W04&v77=D%3Dmid&v125=gp&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=0d8465f%26memtype%3Danonymous%26mode%3Dpremium%26v21%3Ddynamic-groupb-control-noscore%26V21spcbehaviour%3Dappend&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&lrt=907&AQE=1

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-117.data.adobedc.net

Software

jag /

Resource Hash

5ec6c62f948abb012baa18aa3f3f43c07daa491c8505d2f7f2ed11c9bfaef9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-aam-tid: jehMaKIlTL0=
date: Wed, 07 Dec 2022 08:15:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4953
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-1-v041-0f8c8c501.edge-usw2.demdex.com 6 ms
pragma: no-cache
last-modified: Thu, 08 Dec 2022 08:15:46 GMT
server: jag
etag: 3587158718528585728-4619775783664213614
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 06 Dec 2022 08:15:46 GMT

GET
H3

200

/
www.google.com.au/pagead/1p-user-list/984324011/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984324011/?value=1.00&label=RISNCM3WuwkQq6-u1QM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/984324011/?value=1.00&label=RISNCM3WuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1628459152
https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=RISNCM3WuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1628459152&ipr=y

42 B
64 B

195ms
194ms

Image
image/gif

172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=RISNCM3WuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1628459152&ipr=y

Protocol

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=RISNCM3WuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1628459152&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com.au/pagead/1p-user-list/984324011/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1965605398
https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1965605398&ipr=y

42 B
64 B

197ms
196ms

Image
image/gif

172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1965605398&ipr=y

Protocol

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 08:15:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-user-list/984324011/?value=1.00&label=Dcw7CMXXuwkQq6-u1QM&guid=ON&script=0&is_vtc=1&random=1965605398&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 84BC 2 KB
2 KB 191ms
190ms Image
image/png 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 02:50:09 GMT
x-content-type-options: nosniff
age: 278738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sun, 11 Dec 2022 02:50:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 84BC 15 KB
15 KB 492ms
189ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 02:14:37 GMT
x-content-type-options: nosniff
age: 194470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 02:14:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 84BC 15 KB
15 KB 549ms
246ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:45:38 GMT
x-content-type-options: nosniff
age: 41409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 20:45:38 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 84BC 102 B
133 B 193ms
192ms Other
text/javascript 142.250.4.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f104.1e100.net

Software

GSE /

Resource Hash

e37cf126aa8566a656738098b081924337b521eaa6e63938c06a9e068829ffa3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmNvdXJpZXJtYWlsLmNvbS5hdTo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=g19uytvqm30s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 08:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 08:15:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 194ms
193ms Image
text/html 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=484100326631072&bg=!aGulay_NAAa7eOFIm3g7ACkAdvg8WgDk3zOZdajXmfRv9Ce6I7pyC-NWTJgu2O55IUm4VyqntjFu1gIAAABYUgAAAANoAQeZArIZs1gYXRkirfYnDduZTLnz8IeYJPCS62psIUOSDmTvZC1oghUU8eIKBQSAEg-moFZBNuxUklKOGuyT2LT0WDcv8AwTXB7n6S63ahsuDMkUTXGNKiS3wrf9z-bfpEy8V2gd254uIIRzWguz0rcIZo-Tpk15LnkbI76UcbH4UNqDPOPOuBWvG06kxpmdtG3z77T4cSlmS8vJ4dnWZkr_TMTSg0FY5ZhHxk4GzvCacSLET9nqziDDXQb_cFjR2jZLfAAnR_KvT2M4kTkr78Cu52tmZDP6VRoI9JFKF0MG6F5ehSSSKYXpHpWAHbNTnSTJ38rGHD5gFpCuNjKwsvadGslzXkoPg3LU5wtAxLaPCwhSLam54Ug_9MDx04fFcDyBfUcBqMRrkrgwV2gd8Df0mkcIh8Kj0lJeErWrx-Yaer6UUG8Ln2SgMS3O5rjQ-uNcDSVif8OE-ZlpTH3dWnGgGKYPnAsfskzphiWDxq9g8yg1ApkhBdjjP7UbSOAxNLnhIrN47cixDAi7JV88w5q7QALDz8DlIBtsxPgBDP8rGwfOvFpooM1XaJMK1ey9l0-fUPe4QY_ACKARP9khxO00lKjl3xVmMh0sGEKqT_2Thd_XL-Mj5ZyVRkBqBjroa-rxCNWFxoG8qO45olfGB7Zqizr951gKToDJi67JP401LY2u9zEBeNtEerU0K2_y8ZLQV3EGI2mflUoFVTyyy-VRu3bWkUWtZjt1Coisj48nhBoX8-IyzCXokYhhrguSLsqPIdzvDUcshCfp5s1mSr2l0jKOmQ1wYwtu2i-iravQOPXS3F2T84ukjvSMYmzMJ39biAMKikTkNTs2W2T29A8ObK5PC6UX5qUbiYV4szHrpMtsA54q3vgPf1oq0Xz4jIfEX9IjIHAMww95qPy1FRkTZ91jvw0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
795 B 195ms
195ms Script
text/javascript 13.33.33.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-55.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.couriermail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 07 Dec 2022 07:27:58 GMT
x-content-type-options: nosniff
via: 1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2870
x-cache: Hit from cloudfront
content-length: 295
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Cloudfront
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 8yVDDzYhxfHk753tPcsuy77yhwOmpwBprloS-fv0vViwmsyFOduU1Q==

POST
H2 200 0 Show response
r.stripe.com/ Frame 2A4D 0
127 B 275ms
275ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 07 Dec 2022 08:15:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/13/6e39d6b0

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/kKr8esI_hQzVe46otMZ5JnJSaqc/EQicpb6DS7/NG4dCQE/TH1sEnJ/nPGwB

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/13/6e39d6b0

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/kKr8esI_hQzVe46otMZ5JnJSaqc/EQicpb6DS7/NG4dCQE/TH1sEnJ/nPGwB

Domain: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2

Domain: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

106 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.couriermail.com.au/news/queensland/140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress/news-story	1970-01-20 16:45:36	Name: nk Value: 18ea50a1dfa37a3fbdebf8ed11c91e4c
.couriermail.com.au/subscribe/news/1	1969-12-31 23:59:59	Name: _schn Value: _6kjxcd
sc-static.net/scevent.min.js	1970-01-20 08:01:27	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.couriermail.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
.news.com.au/	1970-01-20 17:36:00	Name: nk Value: 18ea50a1dfa37a3fbdebf8ed11c91e4c
.couriermail.com.au/	1970-01-20 08:00:08	Name: bm_mi Value: E5C08EB3CBFADCFD765A3ED284B960D9~YAAQfUZYaFNYL9aEAQAAhIan6xJodNkqIcCzMdUUIULO/mkLW4X3YiUzEE8T5zZsN5ObZe1quH1LXqkl7ZQnZf5djHn5rS2PVl7OpXsm5HZRgxN8bQt1mAyq8ur16Rscl5Iwj0/0NJYzGhMGAlebJNtJn7xCf/PDYJz2cs5eBTcSiw5qBuhkpu7+qWOb1bfpI1CJUF4p3ft4ArZxnn43vJeRYiznwqJ87wJ/nRvG1eh4XlKJn+Q8yE6bKYesPl3YrSkkfXcqlbUeny4CTcIbd0QF4f+URRIPFXson/hkrs1V71KF1oIBUmYS0HG3dDWVXOuE8ljNcbQ8HHVAohlAW27m75c0Aqo=~1
.couriermail.com.au/	1970-01-20 17:36:00	Name: nk_debug Value: nk_not_set
.couriermail.com.au/	1970-01-20 17:36:00	Name: nk_ts Value: 1670400934
.couriermail.com.au/	1970-01-20 17:36:00	Name: nk Value: 18ea50a1dfa37a3fbdebf8ed11c91e4c
.couriermail.com.au/	1970-01-20 08:00:08	Name: bm_sv Value: 0830714C70A2EEC86516DAE9D499909E~YAAQfUZYaFRYL9aEAQAAhIan6xI8sOWxHrj79v7ySAq5wHQ13GEVB1xGESm0R3hJvMhBtGvBPiexMSwCrY3v5bzSfUGg39Iw4+rIlbSDMsQRgu8MhJjmQH2OXXBS8nW8pBtvyyEoqbW2IHHcavpILYOas/jvQT80WSvmrhsIwFpRVdpGUkvzBcQLWRJS1xA6JT0ZvwncKMb2oGSvlDPfHEnzu3zStV+Zjtb7L1gC1qwTeK+YBrxwjmtF6y05VpCKv55gfs3Cxxs=~1
.couriermail.com.au/	1970-01-20 12:19:12	Name: optimizelyEndUserId Value: oeu1670400937405r0.5745265707585048
.demdex.net/	1970-01-20 12:19:12	Name: demdex Value: 82652565260608639061565516155715088628
.couriermail.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 16:45:36	Name: everest_g_v2 Value: g_surferid~Y5BLrAAAAI2JDAMg
.dpm.demdex.net/	1970-01-20 12:19:12	Name: dpm Value: 82652565260608639061565516155715088628
login.newscorpaustralia.com/	1970-01-20 16:45:58	Name: did Value: s%3Av0%3A5672dbd0-7607-11ed-8372-4315fcf485f4.7knLMgrh27%2FNpBBskCq5imXxLCUSsZGem6Ry9%2Fy8Gl0
.couriermail.com.au/	1970-01-20 16:45:36	Name: utag_main Value: v_id:0184eba79c40001895da7365ae3003073015f06b00b08$_sn:1$_se:1$_ss:1$_st:1670402741121$ses_id:1670400941121%3Bexp-session$_pn:1%3Bexp-session
.adsrvr.org/	1970-01-20 16:45:36	Name: TDID Value: d422f9a6-0459-4038-bc7f-595003711543
.adnxs.com/	1970-01-20 10:09:36	Name: uuid2 Value: 4966116814420207217
.rubiconproject.com/	1970-01-20 16:45:36	Name: khaos Value: LBDDLBH9-1U-59AB
.casalemedia.com/	1970-01-20 16:45:36	Name: CMID Value: Y5BLrVtVqcHEgDzdQdjl-QAA
.casalemedia.com/	1970-01-20 10:09:36	Name: CMPS Value: 4684
.casalemedia.com/	1970-01-20 10:09:36	Name: CMPRO Value: 4684
www.couriermail.com.au/	1970-01-20 08:10:05	Name: AWSALB Value: AdtglmU/KvWRN8sSmU0Fl6Ae/FDQOiLWeijs6742/sJFaqfGqPx2FkrMyqEjA3ZXjyMZriqt3oQUn9zs874f98+bJ5pu6RbBjXUUS8x3QnKGwqUlrFS7zIwdpNbY
.couriermail.com.au/	1970-01-20 08:00:08	Name: ak_bmsc Value: 9051F41DDAE000EE375E20E09690AC60~000000000000000000000000000000~YAAQfUZYaJ5YL9aEAQAAEJ+n6xLaEWr38GGesQyi3jccZBtAk+VEhQNWig0m3ORlfSuc1JtzoabxohAogqrxe7RhShzk51XGA54icXTIJHOP5zwNiEKZpPwU8Fx5567NpGx2d51/2WumhKQ74auV2TKpVHCKaPTXrMRM1dVe9yTBBUuwcYwFzwHwQr4JgcPcZwad77nlJqLPUU61nADH2EKeDZPNlQjp9DLup9mWFpqgS+tJ3us7EaDCFM+QsL4r2R7L84itvLuw6I0LmL6L2QEIR1AV/iTzi5/VC8ocU4t1rotQImkGQVOs6T+aaEwIBDHyRJFEU95jspIQFoT4+bfPhvgsMbuHfG05C5GuYQIb9PeL3VBkeJzCx7CBYsaKUUz8QNKlhPWoIdzmdPMhPJGOyPR1oWAF4wxg240=
www.couriermail.com.au/	1970-01-20 08:10:05	Name: AWSALBCORS Value: AdtglmU/KvWRN8sSmU0Fl6Ae/FDQOiLWeijs6742/sJFaqfGqPx2FkrMyqEjA3ZXjyMZriqt3oQUn9zs874f98+bJ5pu6RbBjXUUS8x3QnKGwqUlrFS7zIwdpNbY
.doubleclick.net/	1970-01-20 17:36:00	Name: IDE Value: AHWqTUnOy0HoAUy7HwjuPj5mmD5Vp0hOR-_goG4twGugA_UgD0vVC0CViENzVxaL
.couriermail.com.au/	1970-01-20 08:00:02	Name: _ncg_sp_ses.4a70 Value: *
.couriermail.com.au/	1970-01-20 17:29:47	Name: _scid Value: cc2cea25-bd05-4d69-a40a-29ade10fcfd9
.couriermail.com.au/	1970-01-20 08:00:02	Name: s_inv Value: 0
.couriermail.com.au/	1970-01-20 08:00:02	Name: s_ppn Value: cm%7Csops%7Cshopfront%7Cbreach%2Bshopfront
.couriermail.com.au/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.couriermail.com.au/	1969-12-31 23:59:59	Name: s_tp Value: 3200
.couriermail.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: cm%257Csops%257Cshopfront%257Cbreach%252Bshopfront%2C38%2C38%2C1200%2C1%2C2
.couriermail.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.couriermail.com.au/	1970-01-20 17:36:00	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: 77933605%7CMCIDTS%7C19334%7CMCMID%7C82676526178865686321563129374040596974%7CMCAAMLH-1671005742%7C9%7CMCAAMB-1671005742%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670408142s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CMCCIDH%7C1309056572%7CvVersion%7C4.5.1
.turn.com/	1970-01-20 12:19:12	Name: uid Value: 9118216207156592077
.eyeota.net/	1970-01-20 16:45:36	Name: mako_uid Value: 184eba7a0c8-6892000001085b05
.eyeota.net/	1970-01-20 08:00:01	Name: SERVERID Value: 23301~DM
.scanscout.com/	1970-01-20 16:45:36	Name: uid Value: CI-e9832293cd4071b1e92d46e6ecaaebd4
.scanscout.com/	1970-01-20 16:45:36	Name: UIAA Value: 82652565260608639061565516155715088628
.scanscout.com/	1970-01-20 16:45:36	Name: UIXX_UPDT Value: "UIAA=1670400942242"
.couriermail.com.au/	1970-01-20 10:09:36	Name: _fbp Value: fb.2.1670400942422.392122306
.dotmetrics.net/	1970-01-20 16:45:36	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 16:45:36	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=caf5d884-01a4-4c98-a36c-420a6a265c1f&Created=12/07/2022 08:15:42&UserMode=0&guid=72df1804-8cb1-461b-b0b4-1c0612ce9319&ver=1
.couriermail.com.au/	1970-01-20 12:19:12	Name: nol_fpid Value: k6ul3gz0toywexjdgq7tr2glmy8uk1670400942\|1670400942548\|1670400942548\|1670400942548
.bluekai.com/	1970-01-20 12:22:05	Name: bku Value: pSL99v8nAsB8gw1P
.bluekai.com/	1970-01-20 12:22:05	Name: bkpa Value: KJy9CxObd02pSUHknpxpmEQhwtkAwEQ0BMD0BERN1MRyBM9TBM181eRhBERNBEWt1EDNBpWN1eQTBM/TJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9eghJn1=
.google.com/	1970-01-20 12:23:32	Name: NID Value: 511=WFjukarNv_fHipN3b87swco9N4NBVZ3SyE-ZtGJkkmvkq5_u70cSFbb6bqIgp0vs1XhIsZJ-kUEO5oxx-DP_mY6oMbizjqT2OWlNXNtQHzpuBGtL0Th-6GU1T4wIm-fB2l1GfuNKwYq8NiwlP58qu2IOBW-MX--tZyQrsgjaGqE
.openx.net/	1970-01-20 16:45:36	Name: i Value: ee15ff81-58e6-4006-b6f4-5bb5fd1749f0\|1670400942
www.couriermail.com.au/	1969-12-31 23:59:59	Name: DM_SitId1558 Value: 1
www.couriermail.com.au/	1969-12-31 23:59:59	Name: DM_SitId1558SecId13065 Value: 1
.couriermail.com.au/	1970-01-20 17:21:36	Name: __gads Value: ID=9af1058f27b599f8:T=1670400942:S=ALNI_MZWBXLQ6gFUAHGYImgBQa1yYIAHjQ
.couriermail.com.au/	1970-01-20 17:21:36	Name: __gpi Value: UID=00000b8b98eb8ac5:T=1670400942:RT=1670400942:S=ALNI_MZqP30bWHIkarWqoiQ2YhlPeO2NEg
.demdex.net/	1970-01-20 12:19:12	Name: dextp Value: 358-1-1670400940785\|470-1-1670400940886\|481-1-1670400940987\|771-1-1670400941089\|903-1-1670400941189\|19566-1-1670400941291\|23728-1-1670400941392\|30432-1-1670400941493\|30064-1-1670400941594\|66757-1-1670400941695\|134096-1-1670400941796\|144230-1-1670400941909\|144231-1-1670400942010\|144232-1-1670400942111\|144233-1-1670400942212\|144234-1-1670400942313\|144235-1-1670400942432\|144236-1-1670400942601\|144237-1-1670400942723\|147592-1-1670400942871\|461447-1-1670400942983
.couriermail.com.au/	1970-01-20 08:43:12	Name: nc_aam_segs Value: asgmnt%3D16675898
.couriermail.com.au/	1970-01-20 08:43:12	Name: aam_uuid Value: 82652565260608639061565516155715088628
au-script.dotmetrics.net/	1970-01-20 08:10:05	Name: AWSALBCORS Value: T3P7HVe0Gqnbh08t1fFCRmCjzSlhlw2YORvs5nXDyZ8PIoQgg/dvCEdTeXd3xZdQF+fNxVZUBtzuinEdnx6LCoZWiRPD7AVkzeb2pzyer/G/BoH7c52+45hhzE+Y
.imrworldwide.com/	1970-01-20 17:21:36	Name: IMRID Value: 5818c3a0-7607-11ed-adc0-cd8833d35c1a
.krxd.net/	1970-01-20 12:19:12	Name: _kuid_ Value: PPj9AjLA
.spotxchange.com/	1970-01-20 08:40:20	Name: audience Value: 582673ec-7607-11ed-adde-11edc3220107
.tapad.com/	1970-01-20 09:26:24	Name: TapAd_TS Value: 1670400943404
.tapad.com/	1970-01-20 09:26:24	Name: TapAd_DID Value: e41ca4a4-36ac-4a2b-8b5b-12c33b289dbb
.pubmatic.com/	1970-01-20 10:09:36	Name: KRTBCOOKIE_218 Value: 4056-Y5BLrAAAAI2JDAMg&KRTB&22978-Y5BLrAAAAI2JDAMg&KRTB&23194-Y5BLrAAAAI2JDAMg&KRTB&23209-Y5BLrAAAAI2JDAMg
m.stripe.com/	1970-01-20 17:36:00	Name: m Value: dad7e4be-06e3-46a5-a9dc-e1995467cbc3e2630c
.www.couriermail.com.au/	1970-01-20 16:45:36	Name: __stripe_mid Value: c938970b-04e3-410d-b302-d2cdcfccb04b029d40
.www.couriermail.com.au/	1970-01-20 08:00:02	Name: __stripe_sid Value: e44dc0ba-4769-485f-b189-a9f6a41774c3cc3d7d
.couriermail.com.au/	1970-01-20 17:36:00	Name: _ncg_sp_id.4a70 Value: 851a62d4-9af6-4403-8bc6-88f43e437a43.1670400942.1.1670400944.1670400942.d2faa99a-abee-4300-bc85-a5deb67ae68c
.tapad.com/	1970-01-20 09:26:24	Name: TapAd_3WAY_SYNCS Value:
.snapchat.com/	1970-01-20 17:21:36	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ3AMAgDwImQnOKA6DYkrafI8P32Xjc7niXBoi8ZC26de9ra7FdV4akziHtEgkDRz6/4AAJNeChAAAAA
.couriermail.com.au/	1970-01-20 17:29:47	Name: _sctr Value: 1\|1670371200000
.newscgp.com/	1970-01-20 16:45:36	Name: sp Value: be705308-b94f-4e0f-b775-bea5a7f55b19
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_6630 Value: 1
.serving-sys.com/	1970-01-20 10:09:36	Name: ActivityInfo2 Value: 004ivrCBW0_00452xCBW0_0049jPCBW0_004c3mCBW0_
.serving-sys.com/	1970-01-20 10:09:36	Name: G4 Value: 0009bS00Jh_0009fK00Jh_0009fO00Jh_000a9H00Jh1wmctF_
.serving-sys.com/	1970-01-20 10:09:36	Name: OT2 Value: 0001DC1rHg
.serving-sys.com/	1970-01-20 10:09:36	Name: u2 Value: 68d11488-4d9e-45e3-a8f3-c664dd741e164K5050
.rubiconproject.com/	1970-01-20 16:45:36	Name: audit Value: 1\|yw/FAYMzO4lbj2YRQESTcQUfYG7fY+gATMECGmiHo+W1Mnm1d2tbLZamWl3Sqin+PVYvTQdWpxpBK03vAHceEOzJ7rckCi5uYBivHmTcWTedBPvtPNCNIqP755F30FAZb5Rwy7O7LOq10UhNcsAQ+j4q4nrYAvrG5cmAxi7+9V1o8946LEpae9kIb4G5wtpyAWUOhSrDlPzc6UO785F0Pw==
.couriermail.com.au/	1970-01-20 10:09:36	Name: _gcl_au Value: 1.1.1623911363.1670400945
.www.couriermail.com.au/	1970-01-20 08:01:27	Name: ln_or Value: d
.analytics.yahoo.com/	1970-01-20 16:45:36	Name: IDSYNC Value: 1769~28pk
.yahoo.com/	1970-01-20 16:45:58	Name: A3 Value: d=AQABBLFLkGMCEEEOQDHMJo5mMjiheBTQLOMFEgEBAQGdkWOaYwAAAAAA_eMAAA&S=AQAAAo0JVm5U_IKPiWgriX4CwAY
.casalemedia.com/	1970-01-20 10:09:36	Name: CMTS Value: 4762
.mookie1.com/	1970-01-20 17:28:48	Name: id Value: 10522097591022185169
.mookie1.com/	1970-01-20 17:28:48	Name: mdata Value: 1\|10522097591022185169\|1670400945981
.mookie1.com/	1970-01-20 17:28:48	Name: ov Value: 4ee193a23a0a9580821a6a7092dd0c86
.pubmatic.com/	1970-01-20 10:09:36	Name: KRTBCOOKIE_377 Value: 6810-d422f9a6-0459-4038-bc7f-595003711543&KRTB&22918-d422f9a6-0459-4038-bc7f-595003711543&KRTB&23031-d422f9a6-0459-4038-bc7f-595003711543
.pubmatic.com/	1970-01-20 08:43:12	Name: PugT Value: 1670400946
.t.co/	1970-01-20 17:36:00	Name: muc_ads Value: 18c4c8d2-a4b9-4bf0-bfd5-f3babf4427cf
.adnxs.com/	1970-01-20 10:09:36	Name: anj Value: dTM7k!M4/YEVNsVF']wIg2E>7C15SnNP?V@!dhjBJ9rAzT5`.44o2D@I[hKB/?3o)mkSIqilxe7TD._*PlZ[C[-kX-hlmgw
.twitter.com/	1970-01-20 17:36:00	Name: personalization_id Value: "v1_qQDcInj5Qy5DJks+uK5+1w=="
.linkedin.com/	1970-01-20 10:09:36	Name: li_sugr Value: ea413614-ce1f-4642-9a22-3c64c39bb8e7
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:45:36	Name: bcookie Value: "v=2&cc90de6d-5db2-4fcc-818e-2013f98e2405"
.linkedin.com/	1970-01-20 08:01:27	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2793:u=1:x=1:i=1670400946:t=1670487346:v=2:sig=AQEKT7wiuFI0Nj46fU2imHUkGAz-treU"
.couriermail.com.au/	1970-01-20 08:43:12	Name: s_nr30 Value: 1670400946751-New
.couriermail.com.au/	1970-01-20 17:36:00	Name: s_tslv Value: 1670400946752
.linkedin.com/	1970-01-20 08:43:12	Name: UserMatchHistory Value: AQKbFIriCJ-B4AAAAYTrp7IXMp6quu_jtsTYQniB7SGe_0YTs4IQokJYvNMTU4PruiPH1HdO7avh-Q
.linkedin.com/	1970-01-20 08:43:12	Name: AnalyticsSyncHistory Value: AQLVnHmgwquRLwAAAYTrp7IXZ71Ov9-WADCZfmjey6ZWQioOmVidv73unjcfu5_aEyi505xRqnjz1y0Vjkudig
.bidswitch.net/	1970-01-20 16:45:36	Name: tuuid Value: 71a1dfb0-3eae-4907-ab2c-12aae2693deb
.bidswitch.net/	1970-01-20 16:45:36	Name: c Value: 1670400946
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 16:45:36	Name: bscookie Value: "v=1&202212070815472c4e4687-13ba-4bbe-8620-59403b25b839AQFFKwzet5Lw4aWN7LQwCg_MSOBTQdzj"
.bidswitch.net/	1970-01-20 16:45:36	Name: tuuid_lu Value: 1670400947
.adsrvr.org/	1970-01-20 16:45:36	Name: TDCPM Value: CAESEgoDYWFtEgsIyKOmuKiNrDsQBRIVCgZnb29nbGUSCwi83pLZqI2sOxAFEhYKB3J1Ymljb24SCwi83pLZqI2sOxAFEhkKCnJpZ2h0bWVkaWESCwiSu6XbqI2sOxAFEhUKBmNhc2FsZRILCMzIlt2ojaw7EAUSFwoIcHVibWF0aWMSCwiQzYvfqI2sOxAFEhgKCWJpZHN3aXRjaBILCJDNi9-ojaw7EAUYBSADKAMyCwiQxY6Mv42sOxAFQg8iDQgBEgkKBXRpZXIyEAFaB3ZyZ2VzNm5gAQ..
.adsymptotic.com/	1970-01-20 10:09:36	Name: U Value: 4f5f0e6c7ae4109653bbcdf0b9a1b728

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network	error	URL: https://login.newscorpaustralia.com/csp-reports Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID Message: Failed to load resource: the server responded with a status of 500 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network	error	URL: https://login.newscorpaustralia.com/csp-reports Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc#sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&mode=premium&v21=cm-casual-premium-breach-spc-dynamic-groupb-control-noscore-12for12%2BSWGJune22&V21spcbehaviour=append&pkgDef=CM_SDO_P0418A_W04&origin=https%3A%2F%2Fwww.couriermail.com.au&memType=anonymous Message: Access to font at 'https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2' from origin 'https://subscriptions.couriermail.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://subscriptions.couriermail.com.au/caas/index.html?pageType=spc#sourceCode=CMWEB_WRE170_a&dest=https%3A%2F%2Fwww.couriermail.com.au%2Fnews%2Fqueensland%2F140-passengers-stuck-on-train-between-stations-paramedics-treat-heat-stress%2Fnews-story%2F95b88fb3210ef44b0f6d974820d8465f&mode=premium&v21=cm-casual-premium-breach-spc-dynamic-groupb-control-noscore-12for12%2BSWGJune22&V21spcbehaviour=append&pkgDef=CM_SDO_P0418A_W04&origin=https%3A%2F%2Fwww.couriermail.com.au&memType=anonymous Message: Access to font at 'https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2' from origin 'https://subscriptions.couriermail.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security	max-age=600 ; includeSubDomains
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
9d0491d1fa772dbd92de3c6053a9f1cb.safeframe.googlesyndication.com
a20352597942.cdn.optimizely.com
acdn.adnxs.com
adservice.google.com
adservice.google.com.au
analytics.twitter.com
au-gmtdmp.mookie1.com
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
beacon.krxd.net
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.linkedin.oribi.io
cdn.optimizely.com
cm.everesttech.net
cm.g.doubleclick.net
commerceapi.news.com.au
connect.facebook.net
content.api.news
d.turn.com
dpm.demdex.net
dsf.newscorpaustralia.com
dsum-sec.casalemedia.com
dt.scanscout.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
lm.serving-sys.com
login.newscorpaustralia.com
logx.optimizely.com
m.stripe.com
m.stripe.network
match.adsrvr.org
merchant-ui-api.stripe.com
metrics.couriermail.com.au
ncg.tags.news.com.au
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
p.adsymptotic.com
pagead2.googlesyndication.com
pay.google.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pjskdfjym4egiv3p7onxajyuobcpa1670400942.nuid.imrworldwide.com
play.google.com
ps.eyeota.net
px.ads.linkedin.com
q.stripe.com
r.stripe.com
rm-script.dotmetrics.net
s.yimg.com
sc-static.net
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
ssum.casalemedia.com
static.ads-twitter.com
stats.wp.com
subscriptions.couriermail.com.au
subscriptions.news.com.au
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.snapchat.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.couriermail.com.au
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
x.bidswitch.net
login.newscorpaustralia.com
subscriptions.news.com.au
103.231.98.194
103.71.26.125
104.18.100.194
104.18.33.19
104.244.42.67
104.244.42.69
104.254.150.228
104.254.151.68
104.84.196.155
106.10.236.146
106.10.236.37
107.178.244.193
13.107.42.14
13.228.68.255
13.251.75.90
13.33.33.55
13.35.14.254
13.35.8.26
13.35.8.34
13.35.8.86
13.35.8.99
139.5.84.243
142.250.4.104
142.250.4.154
142.251.10.100
142.251.10.155
142.251.10.94
142.251.12.154
142.251.12.92
142.251.12.94
151.101.129.108
151.101.192.176
151.101.194.49
151.101.65.44
157.240.235.1
157.240.235.35
172.217.194.100
172.217.194.149
172.217.194.155
172.217.194.94
172.253.118.132
18.141.80.142
18.155.68.45
18.155.68.56
18.155.68.80
184.28.235.216
192.0.66.58
192.0.76.3
199.127.207.182
199.232.44.157
23.195.152.111
23.195.152.191
23.72.44.196
23.8.97.76
23.9.177.173
3.105.99.156
3.73.8.30
34.196.212.12
34.98.64.218
35.190.43.134
35.213.12.39
35.227.202.26
35.71.131.137
42.99.140.192
44.240.64.178
50.116.239.135
52.206.63.211
52.26.190.74
52.35.21.164
52.74.162.2
52.76.102.190
52.84.228.218
54.169.248.180
54.186.170.143
54.186.23.98
54.192.150.103
54.192.150.4
63.140.36.117
63.140.36.139
69.173.158.64
74.118.186.44
74.125.24.132
74.125.24.154
74.125.24.97
74.125.68.156
96.16.116.178
96.16.116.196
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0
04e4d8cf7ebb0f780a5eb3e78094112a3a7ead03b841be437721689e088052df
083b006f677b7f52e3395848f70d474b791ca7654dd6ce94b4598445ccb1d94c
09522073c5b65206a3115d5cd52bb393ad0915bb1c7b5d6455c14bca8e21f99f
09bcb2bb312dec73303ef599967165578b591dae1c577984ecd2b9d0291507c0
0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e3286d769f8d725affdf8a7098415edc89f19a599c08d5922af8046cd2f2fa7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0fc8a6e495e7cd447608aea7e0cd59b0e79bd4e74822d428c53880ac0db6c469
1143c0ee2d8a1c15d6adb35aeae8bee904d89da252eaacb1a54d3b1456ba8c95
1610772654afe7c0c2876afdd9b32a57e79d439579ccfeefcc0ff6016abd678e
16195932a322941f8ab596cd871ea6711727114816604b7b3b9cef6151e116b4
176a4d7346001286ad894be3cc341bd466f932e48f947c14deddd5ce422ac519
1aae88d4aad995b81415f54ad04b4ad4f2055605a1f0bccff08ad9b563fdb172
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143
1e0a8884dcb8919964cb9d0640f17d2909b943981df13cbe141cb727515f8996
1e119e9797d74ca45555e33fabec6cba1a2c70c0e0e0960d48495cda61572b08
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5
1ef2f48fd67df5e82f2d1510b4032ca3b26ead2b047e039e8b13d5b6ad2ca8bc
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27fc08b9e1225d23c8bd491676099e7c1994731ef5282d1c23248ecd324be876
29bb14d12ff9ab767375aee6f4fc6c8e9462639edda07da757e5868fcc32430d
2b18e69e2b26bba597286ca0bff7398a9fcb561b84692e2a972994d597cd03d5
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2de22d2cce6ccf2563f2b8f8ebf6840fcb0915a8fbe0d3e88a4321b8d0b6b8ea
32820bc643f0c49be0d48291ff7f087be3b17209d3fa8b53ebec362a556f5dc1
32cb22ea1f577c791feee8c622ce1746e2c72d0a8d1302171c957c6cf9177683
33f6e799863f911da9d141b4acb5c8a5b7fb1fbfca43db5cc200121989eea7d5
3408e39d5735ae6f70e8cdb2e2e8f9ba9bcf320636e5921a9044ba9cf37a48c1
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3e01140474f82e473d76c485ffe82bc5e8d5b887527c8c1598620a53b391fb1b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f996ea06518a446b7943bd79fd649a0746271b475a00dffc9558e61cd347239
40b0f6eae3e284a8a61b7b34889797a08022d118749cb3b50a8cf3e3cc6aedd3
436b445873f37e5b317f1aa9ea9c14d253bcb66737cc011915fc52dbb9fe910c
4401249648b5ad7b6664cdd30e58a3ec7de4ebca81b79fa9069339423d743ce8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a844d6787e4364f8c0ab321b2d5680d48604886d045685b6bf9c582518db9d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cec3b890f3d70b05a8f5a06d56a4079444eb4769e6e35e8d6f1e21e5f590aab
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1a4f2c605f26bcf80a2cd8e5d48e887c2062a53cd1d993cb05250223e386a6
4efeb5b4882bd5d6a57fcdb6d9d300cf07e20b9c5d199daafbd00530d650cdfb
5017b43ed4b246d3f17a6120a8f7c4823d9e0f0ac9ce3714f3ccf2f24206ef3d
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
503932efe9407801a99edbaa5feb8096d083802d241afd9527fded3a8e469a7f
525eaa1c6d01f46234e88c1a4c0d2a09eda5456ece5742f29000ade04c032da8
534f4fb8b04ee355e0a1a6cb6cb5491a658bfae6f57e68bb915f73dba0fcc919
5457f3c7135ada1ae4deea3d8022d3b59d7d9b45ad0e2c9a1acd5ac5431cf172
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c62e6d86591d9f63d2447dbfe6aff96a02dde162bf1a3d425ff12abe0b8381
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56560c59cbf49be8be710aaa2c33e3ec9ea436a4b6152240a7a48acc875c58ce
56bc687b2a58d0145a7ab051dba9a1c8d64ff4bc048122726ed0960686e6d2e6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dfd08c79bf9a0c288462b215f455c270894ecdbd13f86f50d76579b94963394
5ec6c62f948abb012baa18aa3f3f43c07daa491c8505d2f7f2ed11c9bfaef9db
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f29bbb03d81835920ce91ae962981dbaa21d29646d0f23496990e53df9410bd
60b7417fecca912926f6bfa3a11c2e50d18e6c7490e759448cfb6feed573cf29
6140f2a711f54f2a8386ee82853b7fd67f5b27c0b22e3fdf8c517bcec5215694
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ba64a8589ec9a896c9b2d56362c9e74a0fe4dc5631cb5537e9f41fc8700f6b
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
656c715d01a616ac8cb98b97d0c79cbaed1fa791767dd8a421c7ca3a0935925f
6672b4fd2eaa1626ead3f7d082ef77ce9c4645544c395261343dbe57e319c2a6
698b75b34c376b73b97acf42f0ec14f3554b420e658c4fe98d87721e4b5f7d8a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce
6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab
6f0a6281453406f83f594591c8fadb99076373dc8a7829da25f07f88f240f85f
714fe99895afb45b424115f4584f1ac8f9d838962def97506efac794e9d168c7
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
78b29ccab278c90124b4e45ebb34eb808a5320266837e3a7fdf90d03b167750f
79b756468c447c159f7f8f05d4cf577e0ed8fffc556d90d50a79e084abc60ad6
7a1f8d84aca7408c5590eb9f7727fdf3c4e1cf84203fde645f4b4716b9b398f5
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
842c040a3cc90e5c4f5bd7f571b9e725ab64c9b42595e57cddd56fd5d6cbbaec
8640916aba1207e4fcff9c894252543689989434cd9fc0dabd4cee60b3e763a5
86e8ed098febe4691b72980ac9bb22f6370cd6fb7fd50f2fc3ca41f5a24c6ed7
88641804179ca6d14134f9c4ae904f672f24af374aee53e4026a2cc3bc722836
88c657e8dd3d1e77184d9bd380257d510e2438188063b57c2504bbd5f05357bf
8a53c31f97af961a4f76c93984b30a72682b91c036c631bf7251906cd13d599b
8ac972a09f7caaa1a2405c1ff7939e29b552d5f4f72c32886f32ce7df302344d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8bc31db5174f8e2ffcd24611b3fdfa2b8d3f5fdf2d1dbf3dda76f365347761
91dd04ab55aed67616994390bc12b6dbcd57c623e80361eaaff62b8c8a13c7a4
9447ea4bcb37f7382b122a07b42b227dec11e72e3a0f512746f10ce186889305
94f6771f944fb253b6e5dc2c9eee648134de427da9efa8f6613426591a5af12e
9be9d9a49f8d212171a6c56b9ce00616cf66698f3e370a1ecfc3e711b8f9ddc0
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42
9fe65c1064cb45fed8931e71e6c557095e44d81b98276d8e252d06b5371022eb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0edbc043a900a936da9ed0295bc0ae0d86be2dbf380ac08077c1bc26a8182ea
a16010faaacfb9d7ab14b870ad1dc41f6878a2fca901d0a4509f5faf814a83d4
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52a774184c5b2caee04d5b020f092a79ce27f2bc75d365b254296facc74b37c
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a9324d6ac0a1f04c1b96fb2f2cb3c46a3ef5b454d0baf5fa8670f70947c26e0b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aef0f013ee3b3bd75a4cf57808ec9a7f68c09eced6466679a61fe3defc46fea2
b11b65e2a747634f9b7ab321e8c96708af1e91f8e7f1496a79ef0defb5c60d40
b1293ca153110b3ab55ddd026148bfee4a241567ea9941ad1019faac070a46e6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f9da38be2058d27215f94cc62665a2fd4110caf0451d00e79664a7d6171c37
b5794b20910bf7d0edc6e7465cebcaa2710cc9783823ae65c735b75438d97bd7
b75447cb38ef41b1b3b31e18c5f61ce393365be3631c6c880acb76b4445d2571
ba0e564570f1e6ad7b0582355fd1f8ec40e33ea1ce2a8ffacb304507f9d28b71
ba5bcd350b717b9b70856f8e5d908f34fee96f7e05853815f97dc8f5d3c76047
bb48bc4346d9a1e9909ad7582ede8bffdd28680cf06941f6dfca4cb65f22de7c
bb55e4f098a9965bb38831264fb4f0c2a69f3f6e1605b73c077f0523a5a4e6d5
bf3a5997c85f4facbaa67f6ea36cd6bb516588fccba7037345efb84258c46c1d
c03baf8e87a71b974c535cf833b69a681a18f1601b49d9500b0a7085ccec4dfb
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c27b8b2b56069327dd3f77302914cbe5d326c3955d3e5267eaa0f0173445f7a7
c33c60d014227b42c513820e6d750cced736cda305beb7d6a20e35afe502648c
c408fd10a5a7894d20a0e4968eb8b559f4ecc3d867303d258d57aa7dd559ebba
c413481b097d186faa4edfe7ebbc0f29aeba2fa9742c8a05377cce87b14f3e18
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c4672219f55ef0d5c226b57772971982cdc1fb7f407734adcba9370b3da35c51
c53dc64d7e982594b6e32a03d34a59cac6fc3af2f307a935f49489f291ee67bf
ca2da25ca733139ab1211bc78a116fdc99158a89c2cf9faa5d10d6fb9e09f213
cace896d3f9fb0b99e3b528d35ac15705f61d3206b40b1da8553ff7446ad1e03
ccae0bf80f1f1b23720404f11760bc4ac99c1c7b8f2ee97fbbd3de1d763504cb
ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1f89af6a7316125560b20cc46d563e6f85b8eff1cf259bdb801cf8bfeb4e58d
d2f2d74ade134115fcab943b8938a964cd758ee983d936fb12f6a8c95fdbfa5c
d370f2f161299036be0bece18d3bab554843d7175d918538eb7bbbda2759d2a9
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d65e197f2a3fe68e8cec576d677ae42875725bbf2da432b93961f682f453b32e
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7a9449b47b4e267c9d57f9505f35404d77683e92a9e2afb43c77ff6eceb046c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd2682228ab18d579812740579e93821f23b84ca69ece85ce6427a143fc3d78c
dfad6d1cecf7337dcd922f1fab22a655d9e28aedddebb6d8ef5c07c8c277009b
e30565d344697a80f05882c11755c6d6a71626791bbc124df343b5edc7901312
e37cf126aa8566a656738098b081924337b521eaa6e63938c06a9e068829ffa3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ecd074236cf26b7418d8f4af1c1c75fb61e2e203fe259da38174c3fdd68c27d0
ece70e751af05572df7513e5e904bcd69f32e7616718fec9e945a2e2924b8a26
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eea51e01b50b78741b39333324d27239cb0e3bdfd335b031052ea982b5de2358
eee4b740fa1ca55446b70cfbdc4ce54b00362f9ccd61c3db2c5f6fe432c340ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f170904e5bd571a49851d6d0e3671553b0e10c2eac23eb227307f575b548fbab
f21fd3933691b5cc8049bd0a1cb908640f5c0c7b0a723d8d924e87fe06e695f1
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f243d30be41d989ce71bbac306fb71c937a5ffe921845eebace26064411cbbe0
f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9
f35ff183302d0372ba0544afc65be2611aa229162a3c7de35cc920deb6e4d9f7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f47bd3dd6b176fcd2534f9e155a394c25858a444d2dafd2aa95644cfc1a9e5de
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
fa896f1c76d78f7035f40a0edd707a70a6219b497ae50fe54f0ef1448b2afb22
fdc2edc6513b6d3249696a1f017590a0c8c54c9905f2b9e743a04b545419e7de
fe73f1fd4b06562be19aaeccf8ffeb47aa50dbc383d2e7e0a103ece055aea89c
fe9521f2eff852ea03541be1b6b87b76213f4d5e91ec329c35e383148a53c1be

www.couriermail.com.au Open in urlscan Pro 23.195.152.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

337 Requests

90 %HTTPS

0 %IPv6

53 Domains

97 Subdomains

77 IPs

8 Countries

4171 kBTransfer

11729 kBSize

106 Cookies

16 Outgoing links

Page URL History

Redirected requests

337 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.couriermail.com.au Open in urlscan Pro
23.195.152.111 Public Scan

Screenshot
Live screenshot

Full Image

337
Requests

90 %
HTTPS

0 %
IPv6

53
Domains

97
Subdomains

77
IPs

8
Countries

4171 kB
Transfer

11729 kB
Size

106
Cookies

337 HTTP transactions
5 data transactions