www.newsletters.news.com.au Open in urlscan Pro
52.65.195.72 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newsletters.news.com.au/geelongadvertiser
Submission: On September 23 via api (September 23rd 2022, 5:06:34 pm UTC) from BE — Scanned from AU

Summary HTTP 115 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 56 IPs in 9 countries across 46 domains to perform 115 HTTP transactions. The main IP is 52.65.195.72, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is www.newsletters.news.com.au.
TLS certificate: Issued by Amazon on October 18th 2021. Valid for: a year.

This is the only time www.newsletters.news.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.65.195.72 52.65.195.72	16509 (AMAZON-02) (AMAZON-02)
4	104.71.48.190 104.71.48.190	16625 (AKAMAI-AS) (AKAMAI-AS)
9	18.155.68.122 18.155.68.122	16509 (AMAZON-02) (AMAZON-02)
2	23.41.75.53 23.41.75.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.41.66.63 23.41.66.63	16625 (AKAMAI-AS) (AKAMAI-AS)
10	104.71.49.6 104.71.49.6	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.71.48.157 104.71.48.157	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.33.91.15 13.33.91.15	16509 (AMAZON-02) (AMAZON-02)
4	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
3	13.33.79.24 13.33.79.24	16509 (AMAZON-02) (AMAZON-02)
1	54.192.150.92 54.192.150.92	16509 (AMAZON-02) (AMAZON-02)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1	18.155.68.27 18.155.68.27	16509 (AMAZON-02) (AMAZON-02)
2	52.221.16.11 52.221.16.11	16509 (AMAZON-02) (AMAZON-02)
2	151.101.129.175 151.101.129.175	54113 (FASTLY) (FASTLY)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.78.217.66 23.78.217.66	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.26.6.155 104.26.6.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	42.99.140.160 42.99.140.160	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
3	13.33.88.113 13.33.88.113	16509 (AMAZON-02) (AMAZON-02)
1	35.168.94.234 35.168.94.234	14618 (AMAZON-AES) (AMAZON-AES)
11	13.251.230.231 13.251.230.231	16509 (AMAZON-02) (AMAZON-02)
2	104.79.97.250 104.79.97.250	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.192.150.88 54.192.150.88	16509 (AMAZON-02) (AMAZON-02)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.16.89.20 104.16.89.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.192.150.56 54.192.150.56	16509 (AMAZON-02) (AMAZON-02)
1	18.155.68.80 18.155.68.80	16509 (AMAZON-02) (AMAZON-02)
3	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	54.169.222.109 54.169.222.109	16509 (AMAZON-02) (AMAZON-02)
1	34.120.155.137 34.120.155.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.228.164.9 13.228.164.9	16509 (AMAZON-02) (AMAZON-02)
2	63.140.48.177 63.140.48.177	16509 (AMAZON-02) (AMAZON-02)
1 1	18.138.150.144 18.138.150.144	16509 (AMAZON-02) (AMAZON-02)
2	3.106.169.216 3.106.169.216	16509 (AMAZON-02) (AMAZON-02)
2	52.76.164.205 52.76.164.205	16509 (AMAZON-02) (AMAZON-02)
1	54.192.150.93 54.192.150.93	16509 (AMAZON-02) (AMAZON-02)
2 3	104.254.148.251 104.254.148.251	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	50.116.239.150 50.116.239.150	6336 (TURN-US-ASN) (TURN-US-ASN)
2	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.250.73.166 13.250.73.166	16509 (AMAZON-02) (AMAZON-02)
2 3	142.251.10.157 142.251.10.157	15169 (GOOGLE) (GOOGLE)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	23.78.217.19 23.78.217.19	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	199.127.207.180 199.127.207.180	26120 (RHYTHMONE) (RHYTHMONE)
2 2	54.251.140.206 54.251.140.206	16509 (AMAZON-02) (AMAZON-02)
1 1	18.211.165.216 18.211.165.216	14618 (AMAZON-AES) (AMAZON-AES)
1	52.38.198.76 52.38.198.76	16509 (AMAZON-02) (AMAZON-02)
1 1	23.207.37.206 23.207.37.206	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	67.199.150.86 67.199.150.86	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	103.71.26.125 103.71.26.125	132134 (SPOTX-AS-...) (SPOTX-AS-AP SpotXchange)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	74.118.186.44 74.118.186.44	26120 (RHYTHMONE) (RHYTHMONE)
1	74.125.200.157 74.125.200.157	15169 (GOOGLE) (GOOGLE)
1	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
1	142.251.12.157 142.251.12.157	15169 (GOOGLE) (GOOGLE)
3	142.251.12.132 142.251.12.132	15169 (GOOGLE) (GOOGLE)
1	142.251.10.99 142.251.10.99	() ()
115	56

1 52.65.195.72 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-65-195-72.ap-southeast-2.compute.amazonaws.com

www.newsletters.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.71.48.190 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-48-190.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.155.68.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-122.sin52.r.cloudfront.net

static-au.newsletters.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.41.75.53 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-75-53.deploy.static.akamaitechnologies.com

image.e.newscorpaus.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.66.63 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-66-63.deploy.static.akamaitechnologies.com

image.exacttarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.71.49.6 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-49-6.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.71.48.157 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-48-157.deploy.static.akamaitechnologies.com

www.geelongadvertiser.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.91.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-91-15.sin2.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.79.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-24.sin2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-92.sin2.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-27.sin52.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.221.16.11 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-16-11.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.78.217.66 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-217-66.deploy.static.akamaitechnologies.com

cdn1.adoberesources.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.6.155 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 42.99.140.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-160.pacnet.net

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.88.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-113.sin2.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.94.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-94-234.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.251.230.231 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.79.97.250 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-97-250.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-88.sin2.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.192.150.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-56.sin2.r.cloudfront.net

au-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-80.sin52.r.cloudfront.net

ncg.tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.222.109 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.164.9 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-164-9.ap-southeast-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.48.177 (United States)

ASN16509 (AMAZON-02, US)

newscorpau.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.150.144 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-150-144.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.106.169.216 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-106-169-216.ap-southeast-2.compute.amazonaws.com

au.pixel.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.76.164.205 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-164-205.ap-southeast-1.compute.amazonaws.com

secure-sdk.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-93.sin2.r.cloudfront.net

nnr2mjrxech7mrnoyqk9dg4sxdycv1663952788.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.148.251 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.150 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d3273622690172371738-t4271359052014047577.id.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.73.166 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-73-166.ap-southeast-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.157 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.78.217.19 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-217-19.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.180 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.251.140.206 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.165.216 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-165-216.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.38.198.76 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-198-76.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.37.206 (Jakarta, Indonesia) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-37-206.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.86 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.71.26.125 (Singapore, Singapore) 1 redirects

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net

7fce6f22f661e8d54b374a3c0fb702fa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.99 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	news.com.au www.newsletters.news.com.au static-au.newsletters.news.com.au tags.news.com.au — Cisco Umbrella Rank: 51772 ncg.tags.news.com.au — Cisco Umbrella Rank: 94296	702 KB
12	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 208 newscorpau.demdex.net — Cisco Umbrella Rank: 66394	16 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1036 sync-tm.everesttech.net — Cisco Umbrella Rank: 562	2 KB
7	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	158 KB
6	imrworldwide.com cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2458 secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6490 nnr2mjrxech7mrnoyqk9dg4sxdycv1663952788.nuid.imrworldwide.com	67 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 7fce6f22f661e8d54b374a3c0fb702fa.safeframe.googlesyndication.com tpc.googlesyndication.com	26 KB
4	dotmetrics.net au-script.dotmetrics.net — Cisco Umbrella Rank: 38507	39 KB
4	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1002	22 KB
3	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1370 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	3 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	290 B
3	serving-sys.com secure-ds.serving-sys.com — Cisco Umbrella Rank: 1967 bs.serving-sys.com — Cisco Umbrella Rank: 1209	24 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3283 collector.brandmetrics.com — Cisco Umbrella Rank: 3593	17 KB
3	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4494 udc-neb.kampyle.com — Cisco Umbrella Rank: 2422	87 KB
3	newscgp.com au.tags.newscgp.com — Cisco Umbrella Rank: 70114 au.pixel.newscgp.com — Cisco Umbrella Rank: 128998	48 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	46 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 563	1 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 396	381 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1103 beacon.krxd.net — Cisco Umbrella Rank: 513	528 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 961	1 KB
2	pubmatic.com image5.pubmatic.com — Cisco Umbrella Rank: 50237 image2.pubmatic.com — Cisco Umbrella Rank: 883	450 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 342	959 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 667 pixel.rubiconproject.com — Cisco Umbrella Rank: 335	1 KB
2	omtrdc.net newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 212259	5 KB
2	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 3496 pixel.adsafeprotected.com — Cisco Umbrella Rank: 616	7 KB
2	newscorpaustralia.com login.newscorpaustralia.com — Cisco Umbrella Rank: 76006	3 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1122 id5-sync.com — Cisco Umbrella Rank: 463	17 KB
2	zprk.io pixel.zprk.io — Cisco Umbrella Rank: 16772	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	newscorpaus.com.au image.e.newscorpaus.com.au	193 KB
1	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 97372	792 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 547	99 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 697	378 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 511	488 B
1	scanscout.com 1 redirects dt.scanscout.com — Cisco Umbrella Rank: 29849	698 B
1	amgdgt.com 1 redirects d3273622690172371738-t4271359052014047577.id.amgdgt.com	386 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1042	545 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 804	288 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 392	2 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1220	201 B
1	adoberesources.net cdn1.adoberesources.net — Cisco Umbrella Rank: 30792	20 KB
1	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 6003	44 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1317	24 KB
1	geelongadvertiser.com.au www.geelongadvertiser.com.au	83 KB
1	exacttarget.com image.exacttarget.com — Cisco Umbrella Rank: 332034	261 KB
115	46

	Domain	Requested by
11	dpm.demdex.net	tags.news.com.au www.newsletters.news.com.au
10	tags.news.com.au	tags.tiqcdn.com au.tags.newscgp.com
9	static-au.newsletters.news.com.au	www.newsletters.news.com.au
8	sync-tm.everesttech.net	8 redirects
4	au-script.dotmetrics.net	tags.news.com.au www.newsletters.news.com.au au-script.dotmetrics.net
4	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net
4	tags.tiqcdn.com	www.newsletters.news.com.au tags.tiqcdn.com
3	cm.g.doubleclick.net	2 redirects
3	ib.adnxs.com	2 redirects
3	www.facebook.com	www.newsletters.news.com.au
3	cdn-gl.imrworldwide.com	tags.news.com.au cdn-gl.imrworldwide.com
3	c.amazon-adsystem.com	tags.tiqcdn.com c.amazon-adsystem.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	ps.eyeota.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	match.adsrvr.org	2 redirects
2	secure-sdk.imrworldwide.com	www.newsletters.news.com.au
2	au.pixel.newscgp.com	au.tags.newscgp.com
2	newscorpau.sc.omtrdc.net	tags.news.com.au
2	login.newscorpaustralia.com	www.geelongadvertiser.com.au www.newsletters.news.com.au login.newscorpaustralia.com
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	cdn.brandmetrics.com	tags.tiqcdn.com cdn.brandmetrics.com
2	nebula-cdn.kampyle.com	tags.tiqcdn.com nebula-cdn.kampyle.com
2	pixel.zprk.io	tags.tiqcdn.com www.newsletters.news.com.au
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	image.e.newscorpaus.com.au	www.newsletters.news.com.au
1	www.google.com	tpc.googlesyndication.com
1	7fce6f22f661e8d54b374a3c0fb702fa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	sync.1rx.io
1	trc.taboola.com
1	image2.pubmatic.com
1	dsum-sec.casalemedia.com
1	pixel.rubiconproject.com
1	udc-neb.kampyle.com
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	dt.scanscout.com	1 redirects
1	image5.pubmatic.com	www.newsletters.news.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	token.rubiconproject.com	www.newsletters.news.com.au
1	d3273622690172371738-t4271359052014047577.id.amgdgt.com	1 redirects
1	d.turn.com	1 redirects
1	nnr2mjrxech7mrnoyqk9dg4sxdycv1663952788.nuid.imrworldwide.com	www.newsletters.news.com.au
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	api.rlcdn.com	tags.news.com.au
1	pixel.adsafeprotected.com	cdn.adsafeprotected.com
1	id5-sync.com	tags.news.com.au
1	ncg.tags.news.com.au	au.tags.newscgp.com
1	cdn.jsdelivr.net	tags.news.com.au
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	cdn.adsafeprotected.com	tags.news.com.au
1	ping.chartbeat.net	www.newsletters.news.com.au
1	cdn1.adoberesources.net	tags.tiqcdn.com
1	cdn.id5-sync.com	tags.tiqcdn.com
1	au.tags.newscgp.com	tags.tiqcdn.com
1	ats-wrapper.privacymanager.io	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	www.geelongadvertiser.com.au	static-au.newsletters.news.com.au
1	image.exacttarget.com	www.newsletters.news.com.au
1	www.newsletters.news.com.au
115	67

This site contains links to these domains. Also see Links.

Domain
www.geelongadvertiser.com.au

Subject Issuer	Validity	Valid
newsletters.news.com.au Amazon	`2021-10-18` - `2022-11-16`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
akamai-san25.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
akamai-san4.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-07-22`	a year	crt.sh
news.com.au GeoTrust RSA CA 2018	`2022-02-24` - `2023-02-25`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-03` - `2022-10-01`	3 months	crt.sh
au.tags.newscgp.com Amazon	`2022-01-11` - `2023-02-08`	a year	crt.sh
*.zprk.io Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-22` - `2023-03-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.adsafeprotected.com Amazon	`2022-06-21` - `2023-07-20`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2022-06-11` - `2023-06-11`	a year	crt.sh
*.dotmetrics.net Amazon	`2022-09-23` - `2023-10-21`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
www.newsconnect.com.au Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.google.com.au GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.newsletters.news.com.au/geelongadvertiser
Frame ID: AE61F0229E9F8F9EA9BC88189486B74C
Requests: 80 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.newsletters.news.com.au%2Fauth%2Fcallback&state=wKKZVUH61zsMVKYYmtVfVQ1Fk3bXYTlJ&nonce=mVfIJXlZQapJ9B8THHzQb-OP6JAv8Bsw&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 192E4152177B5476CD4F6186394E83AB
Requests: 3 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: A6FC71A3367E66FCB231EC6B759D7891
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: A6BDFFC63465C67C32397344CAC79159
Requests: 22 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 2E54F1C7DAD379497A9E51385B6B9B02
Requests: 3 HTTP requests in this frame

Frame: https://7fce6f22f661e8d54b374a3c0fb702fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 756E540451762715357FAC98FF7F02D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9149D1B91732C7EBBD9286AF4C29DD5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3412D9283E6B8214E7DF2722A31386A4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newsletters

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

115
Requests

80 %
HTTPS

0 %
IPv6

46
Domains

67
Subdomains

56
IPs

9
Countries

2033 kB
Transfer

4945 kB
Size

72
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.geelongadvertiser.com.au/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://cm.everesttech.net/cm/dd?d_uuid=04852971406624214721993192296012067741 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nlQAAAFIl8QN9

Request Chain 76

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4383360168080125294

Request Chain 78

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://d3273622690172371738-t4271359052014047577.id.amgdgt.com/r/telco/tuid/4271359052014047577/duid/3273622690172371738/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D4271359052014047577 HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4271359052014047577

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDQ4NTI5NzE0MDY2MjQyMTQ3MjE5OTMxOTIyOTYwMTIwNjc3NDE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDQ4NTI5NzE0MDY2MjQyMTQ3MjE5OTMxOTIyOTYwMTIwNjc3NDE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJgYsS6aUF4ylFAir1wlIDU&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 83

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.newsletters.news.com.au&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.newsletters.news.com.au&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=13014b34-482d-41f2-90ce-bce5def83512

Request Chain 85

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nlhTdmVODDBMPxWI3LgAA%264727

Request Chain 87

https://dt.scanscout.com/ssframework/uid?UIAA=04852971406624214721993192296012067741&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0a2e0b13cadb9ff3140230155d72f0d4

Request Chain 88

https://ps.eyeota.net/match?bid=6j5b2cv&uid=04852971406624214721993192296012067741&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=04852971406624214721993192296012067741&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 89

https://usermatch.krxd.net/um/v2?partner=adobe&id=04852971406624214721993192296012067741 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=04852971406624214721993192296012067741

Request Chain 91

https://tags.bluekai.com/site/43981?id=04852971406624214721993192296012067741&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Request Chain 92

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXkzbmxRQUFBRklsOFFOOQ==

Request Chain 94

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy3nlQAAAFIl8QN9&expires=90

Request Chain 95

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nlQAAAFIl8QN9

Request Chain 96

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Yy3nlQAAAFIl8QN9

Request Chain 97

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy3nlQAAAFIl8QN9 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yy3nlQAAAFIl8QN9

Request Chain 99

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nlQAAAFIl8QN9

Request Chain 100

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nlQAAAFIl8QN9&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nlQAAAFIl8QN9&img=1&__user_check__=1&sync_id=123fd9d1-3b62-11ed-af43-1d7a88fc0507

Request Chain 101

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nlQAAAFIl8QN9&t=2592000&o=0

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request geelongadvertiser Show response
www.newsletters.news.com.au/ 228 KB
229 KB 520ms
301ms Document
text/html 52.65.195.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.65.195.72 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-65-195-72.ap-southeast-2.compute.amazonaws.com
Software: / Express
Resource Hash: 9fff69ec032b02d5209e9c7b86df7cd70a4e1f943cbbc6ec45db469ab5366f1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-length: 233711
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 17:06:24 GMT
etag: W/"390ef-bnEXIZtVy5K0XiPNfzv8ie3Tbw4"
x-amz-apigw-id: Y7EelEMzywMFQog=
x-amzn-remapped-connection: close
x-amzn-remapped-content-length: 233711
x-amzn-remapped-date: Fri, 23 Sep 2022 17:06:24 GMT
x-amzn-requestid: 5fc6d2e0-8232-466f-9d34-7d7fb6a655ac
x-amzn-trace-id: Root=1-632de790-26c2499b75ae772a7cab980d;Sampled=0
x-powered-by: Express

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/news/prod/ 4 KB
2 KB 613ms
203ms Script
application/x-javascript 104.71.48.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/news/prod/utag.sync.js
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-48-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 87f9b01a1d755db829c0fccbbc3a18026319fb5ebf309b27a6b4fa5a0a775898

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:25 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 03:19:20 GMT
server: AkamaiNetStorage
etag: "ba6f8d6b6c199c252daa9ea817bd555c:1663125560.045711"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1577
expires: Fri, 23 Sep 2022 17:11:25 GMT

GET
H2 200 manifest.85f4f337e94b40a6c472.js Show response
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/geelongadvertiser/ 828 B
1 KB 962ms
559ms Script
text/javascript 18.155.68.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/geelongadvertiser/manifest.85f4f337e94b40a6c472.js
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-122.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edbd4e1158da209902d5d90eef94f40af28482f57b23e76f33e1dddbf26015ff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:09:40 GMT
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
last-modified: Wed, 08 Dec 2021 03:52:31 GMT
server: AmazonS3
age: 25006
etag: "04d55433f9a3a762778217e06267dcd3"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: SIN52-P1
accept-ranges: bytes
content-length: 828
x-amz-cf-id: OFHV0Kn5h3uo0V6ibv4SzLxjEFOT3fIM3j6_J31cABN5kTlfxI3_-g==

GET
H2 200 vendor.2a991ac770ad01a003cc.js Show response
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/geelongadvertiser/ 340 KB
101 KB 599ms
197ms Script
text/javascript 18.155.68.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/geelongadvertiser/vendor.2a991ac770ad01a003cc.js
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-122.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df495c6a055b3616e655e1347387b18afd04a61cd2061cbd8e9a2713c7823e13

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:09:40 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 03:52:31 GMT
server: AmazonS3
age: 25006
etag: W/"a204834d96952f5badf8ff789370a1dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-amz-cf-id: vj_BNYNrSpczObfO_8WLZ8PT8HmG3pG8HA5KuLnE6f9j69MEnw0JOQ==

GET
H2 200 app.f63f23ebd1dcfccd2abc.js Show response
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/geelongadvertiser/ 134 KB
25 KB 935ms
533ms Script
text/javascript 18.155.68.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/geelongadvertiser/app.f63f23ebd1dcfccd2abc.js
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-122.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2af01613c61301f3c1307b136a19cff3fadbd22f37f3df5bdd85d18e5758cc8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:09:40 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 03:52:31 GMT
server: AmazonS3
age: 25006
etag: W/"4f64b781cd0cfeaa04ff5763b6ca35c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-amz-cf-id: Culo1i6-D9gSQS6uyJ4eW3oAjhUmXSD2atuvvBWrgnm03DWDXXEP7Q==

GET
H2 200 common.f63f23ebd1dcfccd2abc.css
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/geelongadvertiser/ 39 KB
7 KB 960ms
558ms Stylesheet
text/css 18.155.68.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/geelongadvertiser/common.f63f23ebd1dcfccd2abc.css
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-122.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 872439e99adac6cc9048457232bc781bb108cdd7c1a56ec8cd26f921e1ba98ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:09:40 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 03:52:31 GMT
server: AmazonS3
age: 25006
etag: W/"479b4d5ddb732fd31616c02c69f02172"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-amz-cf-id: qfaS0jxD-17lHPyOUE9NV1sW8Lm9N2yiWWKBUcLpY_ISAkYTnxycug==

GET
H2 200 geelongadvertiser.svg
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/logos/ 11 KB
5 KB 352ms
351ms Image
image/svg+xml 18.155.68.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/logos/geelongadvertiser.svg
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-122.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7982b9e4d876d7f733da571630e8165a27134c117ca1360cbe5ae5b74c938122

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:09:40 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 03:52:31 GMT
server: AmazonS3
age: 25006
etag: W/"3e2fdc8ac1b87b729b2e8ccb55c7bc4b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-amz-cf-id: iN3bKW2T4hynkRQippyOG22Aea-kLpdBUE9oWMyOfL6Wtm15tH7UUA==

GET
H/1.1 200
OK 4afb8069-33bc-4dbe-a9c1-a336640703df.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/4/ 83 KB
83 KB 3920ms
1921ms Image
image/jpeg 23.41.75.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/4/4afb8069-33bc-4dbe-a9c1-a336640703df.jpg
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.75.53 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-75-53.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d8350cb98f0fc57bcb74cece1116fef2c686431f2a99b36d1e7fd9cf1a3d205a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 17:06:29 GMT
Last-Modified: Tue, 19 May 2020 07:04:16 GMT
Server: AkamaiNetStorage
ETag: "8e090313e0a41f0ff69402c17a5705d4:1589871856.781514"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84608

GET
H2 200 geelongadvertiser-white.svg
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/logos/ 11 KB
5 KB 614ms
613ms Image
image/svg+xml 18.155.68.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/logos/geelongadvertiser-white.svg
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-122.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f42521df2fa5dfb4ca04ac5156b9279fdf193be3a481e5eceed3ae13b0fb4c22

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:26 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 03:52:31 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-P1
etag: W/"b86c622ec533a910d8773f15198d7bb8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-id: qrWET4RyepP67alcfz2XbmTcS0ulTFPaFB9hf-mOeK9TDoc4TTuCIg==

GET
H/1.1 200
OK 86a3d6e2-52b2-4f96-880a-f4d2222ef4f1.jpg
image.exacttarget.com/lib/fe9515747362007f76/m/1/ 260 KB
261 KB 2215ms
925ms Image
image/jpeg 23.41.66.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.exacttarget.com/lib/fe9515747362007f76/m/1/86a3d6e2-52b2-4f96-880a-f4d2222ef4f1.jpg
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.66.63 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-66-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 862b069ede34eb082e53519fd9e854ca40ba46fd17d1ae40da14b7d584625b94

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 17:06:27 GMT
Last-Modified: Wed, 17 Feb 2021 08:31:59 GMT
Server: AkamaiNetStorage
ETag: "57a133d0df8225c07dc666e347665dfb:1613550719.928203"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 266565

GET
H/1.1 200
OK 6e1c7f9c-4cb2-4c4f-b2b2-876a60cd6aa3.jpg
image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/7/ 110 KB
110 KB 4168ms
2170ms Image
image/jpeg 23.41.75.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.e.newscorpaus.com.au/lib/fe8e15747362037b76/m/7/6e1c7f9c-4cb2-4c4f-b2b2-876a60cd6aa3.jpg
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.75.53 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-75-53.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0ffd94940cd7d1c0646cc5c0749976f13a216556aff4ffd62f516941716c5ed5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 17:06:29 GMT
Last-Modified: Tue, 25 May 2021 08:29:07 GMT
Server: AkamaiNetStorage
ETag: "1934a9b1a9114b8606671fab5f94e3fd:1621931347.282924"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 112352

GET
H2 200 Roboto-Regular.woff
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/Roboto-Regular-export/ 9 KB
10 KB 564ms
182ms Font
binary/octet-stream 18.155.68.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/Roboto-Regular-export/Roboto-Regular.woff
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-122.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 769aad2df62fab24da6910b5a5f66c574faa53eb43b1add8308933a75880c06e

Request headers

Referer: https://www.newsletters.news.com.au/
Origin: https://www.newsletters.news.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 08:59:45 GMT
via: 1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
last-modified: Wed, 08 Dec 2021 03:52:31 GMT
server: AmazonS3
age: 13853201
etag: "55810e346802ee7d3e9bdd0e4dfa3b49"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: SIN52-P1
accept-ranges: bytes
content-length: 9432
x-amz-cf-id: pinEelkXbUHebl6XVqhkrUwdUk5zr-KhYpghQK5p0-NI-SVzIeJ0oQ==

GET
H2 200 RobotoCondensed-Bold.woff
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/RobotoCondensed-Bold-export/ 9 KB
9 KB 583ms
201ms Font
binary/octet-stream 18.155.68.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/RobotoCondensed-Bold-export/RobotoCondensed-Bold.woff
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-122.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 217ed39fce003a763daeec9689fa20df1d9f1dcdc7daed0839b8f0343711d7d7

Request headers

Referer: https://www.newsletters.news.com.au/
Origin: https://www.newsletters.news.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 00:20:25 GMT
via: 1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
last-modified: Wed, 08 Dec 2021 03:52:31 GMT
server: AmazonS3
age: 14921161
etag: "f55dc08e741ff58fa211c1f13b89c774"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: SIN52-P1
accept-ranges: bytes
content-length: 9308
x-amz-cf-id: lkrbsEPWj04CIs0kiVkNaXHAOTJknyNalF-k-PG2C7s-hliHNFdzeQ==

GET Merriweather-Light.woff
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/Merriweather-Light-export/ 0
0

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/gea/prod/ 73 KB
18 KB 205ms
205ms Script
application/x-javascript 104.71.48.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-48-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 79faae7cce89185fadfe012d9cd154c8ccda2e5d9c171000ef0284f927e11e10

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:25 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 03:46:36 GMT
server: AkamaiNetStorage
etag: "a278764894a855e97e6906fcb907da08:1662349596.054168"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 18657
expires: Fri, 23 Sep 2022 17:11:25 GMT

GET
H2 200 Merriweather-Light.ttf
static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/Merriweather-Light-export/ 76 KB
76 KB 192ms
191ms Font
binary/octet-stream 18.155.68.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/Merriweather-Light-export/Merriweather-Light.ttf
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-122.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b974909fad0b296dcd51e6894876a0b7ea8cff86c950d4568ffe09241244f6f

Request headers

Referer: https://www.newsletters.news.com.au/
Origin: https://www.newsletters.news.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 09:04:39 GMT
via: 1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
last-modified: Wed, 08 Dec 2021 03:52:31 GMT
server: AmazonS3
age: 5644907
etag: "86c0c46388fd8f03a603424f8079dd24"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: SIN52-P1
accept-ranges: bytes
content-length: 77396
x-amz-cf-id: xd3YlUBYhF9NL5bJzfLJObZwXFniF-nC-wBcVzO3rIaqDMiNHde89w==

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 799ms
199ms Script
application/x-javascript 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:26 GMT
cache-control: max-age=71395
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 800ms
201ms Script
application/x-javascript 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16639527856270.21536029683303193
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:26 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 839
expires: Fri, 23 Sep 2022 17:06:26 GMT

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 65 B
411 B 973ms
371ms XHR
text/plain 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:26 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary: Origin, Origin, Origin
content-type: text/plain
access-control-allow-origin: https://www.newsletters.news.com.au
cache-control: max-age=0, no-cache
content-length: 65
mime-version: 1.0
expires: Fri, 23 Sep 2022 17:06:26 GMT

GET
H2 200 rampart.js Show response
www.geelongadvertiser.com.au/remote/identity/rampart/latest/ 277 KB
83 KB 834ms
228ms Script
application/x-javascript 104.71.48.157
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: static-au.newsletters.news.com.au
URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/dist/geelongadvertiser/app.f63f23ebd1dcfccd2abc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-48-157.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
vary: User-Agent, Accept-Encoding
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type: application/x-javascript
cache-control: max-age=1731
date: Fri, 23 Sep 2022 17:06:27 GMT
is-https: true
x-opw: 4
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Fri, 23 Sep 2022 17:35:18 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 549ms
202ms Script
application/x-javascript 13.33.91.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-91-15.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: 4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:53:04 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:51:11 GMT
server: nginx
age: 803
etag: W/"62d7517f-1181e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: SIN2-P2
x-amz-cf-id: 1xRhQuTilsKP3ZEudaBb5iEQCMifdcf2g738FV63v7-O9W_HqENb0g==
expires: Fri, 23 Sep 2022 18:53:04 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 184 KB
63 KB 240ms
240ms Script
application/x-javascript 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 36e299f45673885e6b5d62d38c3b76d863aa2a0b511a2c1327359273380703a0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "9eb05ec342e2e8bb70ca106d47373e89:1663130616.359726"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=35987
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 107 KB
33 KB 230ms
229ms Script
application/x-javascript 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e70bd440c10e5906797794cb77fa09cede63306250588bce7ed75f466b41884d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "08fe99de660944ffd677aa09c2ad8154:1663643873.920173"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=43893
content-type: application/x-javascript
content-length: 33375

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 528ms
181ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

sffe /

Resource Hash

3916243359bf2cfb605813c893d37dbca79b468279dcf1daad25fea83e649102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27811
x-xss-protection: 0
server: sffe
etag: "1342 / 982 of 1000 / last-modified: 1663931308"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Sep 2022 17:06:27 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 167 KB
43 KB 583ms
203ms Script
application/javascript 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 23 Sep 2022 17:05:28 GMT
via: 1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront), 1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 20:15:32 GMT
server: AmazonS3
age: 60
etag: W/"0b4d277527066dd35dd7c0288cb596b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: SIN2-P2, SIN2-P2
content-encoding: gzip
x-amz-cf-id: dG0gH03hFaP-kUIsiDDtBhGerMTOMBSJWVjGtF7MF8WnJtViR7Sn6Q==

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 362 KB
111 KB 621ms
621ms Script
application/x-javascript 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 42ffbcd5fae6a0eda00246031330f0c87d21ec4c9451787199c02d49746a3d12

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "38085f66de7dcd7c22d408e9044e03b1:1655686301.436641"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=39399
content-type: application/x-javascript

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 126 KB
44 KB 541ms
193ms Script
application/javascript 54.192.150.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-92.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0422c1be425a330e066dc9ac7ba5d76e323e757b3ddc2a95c5319e2ca5090968

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: HE1xTUGQPvbYegvSQqoru0pjiqV0i.E5
content-encoding: gzip
etag: W/"c331a61ccc8287ce655141bd19a0411f"
last-modified: Mon, 19 Sep 2022 04:16:45 GMT
server: AmazonS3
age: 2869
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2a45d2b5ea9ef7dcb9d372459729c164.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=3600
date: Fri, 23 Sep 2022 16:18:39 GMT
x-amz-cf-pop: SIN2-C1
x-amz-cf-id: DmtqlGc0_dWJD6Xy-d3qt1_RZiK-lR0jp2V5gDFynGglOpjYEU9H8g==

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 25 KB
10 KB 203ms
202ms Script
application/x-javascript 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=64695
content-type: application/x-javascript
content-length: 9840

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 514ms
171ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: c4TrrHUjoINJ7hKRqr0krNCgBqpVNzrLcNb4c1ND1L/iAbQnjwzleDBdBpPg1Mqkp+S9WsRV+Qy/VAyVEIiatA==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 17:06:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 543ms
195ms Script
text/javascript 18.155.68.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-27.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 17:03:55 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 21 Mar 2022 03:18:38 GMT
Server: AmazonS3
Age: 152
ETag: W/"cd21e4d44772e851dcd7105fef09c01e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: zzFsjTSTem7E9iDxJezfq2LmsPWIUVrv7fNRQbICL3Ds6j1cB7esdQ==

GET
H2 200 3zcdIyo2Tk.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 517ms
172ms Script
text/plain 52.221.16.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-09-23T17%3A06%3A27.314Z&country=au&newsconnectId=&fpid=
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.221.16.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-16-11.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 20e5bcd3261542eaa806200dd2ee86c4627047fb78504eb362394b7512db8b11

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2830
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 1 KB
949 B 263ms
85ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1e0048d90172ebbb946617c24a981dbc8a4d585329c16ecd3eeac25d6a0acd58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: G_uOFaRAX6MbltPrZ4eQxYjXSVaorpvs
content-encoding: gzip
etag: "d3a4ba724c6dc4f78dd9808b516fecba"
age: 305425
via: 1.1 varnish
x-cache: HIT
vary: Accept-Encoding
content-length: 520
x-amz-id-2: T3GZEFkLDo9N8/3VTBJpi188JWOEJYpe5g6gfVvQPE58ZvWEOCBaByhiwn48eOXBGoly88KOHUw=
x-served-by: cache-mel11238-MEL
last-modified: Tue, 20 Sep 2022 04:16:03 GMT
server: AmazonS3
x-timer: S1663952788.535651,VS0,VE0
date: Fri, 23 Sep 2022 17:06:27 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 73HQHDHHEYFP1R1P
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 247357

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 56 KB
16 KB 297ms
103ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
age: 407
etag: W/"68154020ef14b5881614607902c7c21b"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 74f4defa3c0a5ab8-MEL
x-amz-request-id: AGVQ42H585Y6XTD5
x-amz-id-2: r9hllPMLzNEYnU3swJXcEwKssC39JhI8AZXWHVVaG+7VxlSjWm0FNcWZNPXHsNiMlMq1IA2cRX0=

GET
H2 200 alloy.min.js Show response
cdn1.adoberesources.net/alloy/2.9.0/ 71 KB
20 KB 817ms
200ms Script
application/x-javascript 23.78.217.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.78.217.66 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-78-217-66.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:28 GMT
content-encoding: br
last-modified: Fri, 18 Mar 2022 11:22:12 GMT
server: Akamai Resource Optimizer
etag: "9de0c970a450653866276eaad3325344:1646937469.390599"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
strict-transport-security: max-age=86400 ; includeSubDomains
accept-ranges: bytes
content-length: 20617
expires: Fri, 23 Sep 2022 18:06:28 GMT

GET
H2 200 nca_aep.js Show response
tags.news.com.au/prod/aep/ 5 KB
2 KB 217ms
216ms Script
application/x-javascript 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/aep/nca_aep.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ab9b143c1a9f51f38c62db005fb4b49572e4d796f0e74e6b3b56ee41036f954

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "09c229fdb7af1d8ac7248f68a4e2145d:1657170208.878739"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=20256
content-type: application/x-javascript
content-length: 2231

GET
H2 200 nca_ipsos.js Show response
tags.news.com.au/prod/ipsos/ 30 KB
7 KB 224ms
224ms Script
application/x-javascript 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 21f20f84cde9b9bb5d03446360d1909696d9e346bd970e8306a3d0565a82fc82

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "f195a817810e0c6b1880a6e2edc2d073:1660712926.791363"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=75554
content-type: application/x-javascript
content-length: 7136

GET
H2 200 geelongadvertiser.js Show response
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 6 KB
3 KB 297ms
103ms Script
text/javascript 104.26.6.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/geelongadvertiser.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02db6085d2b384c5a8c4162969f767c00291344634e081fd124b0b48822818a8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 16:40:45 GMT
server: cloudflare
age: 1542
cf-polished: origSize=5864
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXHqnA3op25pFNiVeUCGxaK%2BJxyNXgq4UZkdaWdxH3PaWxSlnFr8A%2B1ReMaSDE%2B%2BIi2WoKrnhaYbDdHdHoW1LRJHxaKyYpzZfK%2Fi83TOtBPbob0EgMR09wYorUrMxYeCy%2F734AmL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74f4defc1c9f17ce-MEL
cf-bgj: minify

GET
H2 200 utag.668.js Show response
tags.tiqcdn.com/utag/newsltd/gea/prod/ 2 KB
1 KB 202ms
202ms Script
application/x-javascript 104.71.48.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.668.js?utv=ut4.46.201910010244
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-48-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f6b0db93e80409a03e7ad626a8fc83e337afa51ecd565543f6c09231d7d9538e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 04:43:32 GMT
server: AkamaiNetStorage
etag: "a239b75a228957b214063839476fe6b3:1631767412.219532"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 900
expires: Sat, 08 Oct 2022 17:06:27 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 69 KB
21 KB 857ms
288ms Script
application/javascript 42.99.140.160
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-160.pacnet.net
Software: AmazonS3 /
Resource Hash: 704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:28 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 08:55:48 GMT
server: AmazonS3
x-amz-cf-pop: ATL58-P1
etag: W/"095a7b562e641bfc203fc3ef9697c6bc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21384
x-amz-cf-id: Mg-PJrPZYvUFlAGyPVC9EWlvXHDkYYQUS1sjVFkZHnJNCU2RdwDlbg==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 202ms
202ms Script
application/x-javascript 104.71.48.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/gea/202209050346&cb=1663952787522
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-48-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 23 Sep 2022 17:16:27 GMT

GET
H2 200 P9639CC51-2F11-48E8-B888-393496680A12.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 572ms
181ms Script
application/javascript 13.33.88.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P9639CC51-2F11-48E8-B888-393496680A12.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-113.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c261147bf4256326fe74979596ca8fb13dae170d9b7586b1edbf7f0bb2fe9cf6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: osiFhC4BsEukeAQaNcBwSQJMz_8TzyAj
content-encoding: gzip
etag: W/"b76e8b8476a48119b813a1c358420395"
last-modified: Fri, 23 Sep 2022 11:17:50 GMT
server: AmazonS3
age: 83
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Fri, 23 Sep 2022 17:06:28 GMT
x-amz-cf-pop: SIN2-P2
x-amz-cf-id: 0EVkHegKackLxMbktPPJGq5IyFPy4LssnPDeBU0feaXevAht-kGOdw==

GET
H2 200 3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 35 B
294 B 173ms
172ms Image
image/gif 52.221.16.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=0ace17fcd6b99047e5bd5f43a91de8b4&timewithTz=2022-09-23T17:06:27.314Z&country=au&newsconnectId=&fpid=
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.221.16.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-16-11.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 35
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: image/gif

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 872ms
289ms Image
image/gif 35.168.94.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=geelongadvertiser.com.au&p=%2Fgeelongadvertiser&u=UbR6dB7m82NBEe2dw&d=newsletters.news.com.au&g=36976&g0=newsletters%2Cindex%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1656&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3811&t=CK4oVBeqhfjDBJWy1Cu8knxBeGPav&V=136&i=Newsletters&tz=0&sn=1&sv=DBHsk5DKRRZxTG0UsIMJKEBVse7E&sd=1&im=06030403&_
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.94.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-94-234.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:28 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 42 KB
14 KB 102ms
101ms Script
text/javascript 104.26.6.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=0a32300b-926c-4527-972e-7a0727bd0c6b&toploc=www.newsletters.news.com.au
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/geelongadvertiser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a547c4128d0639e5707d680eeee4cf5ff5cdfed9893dbed7c8ee69fb02ebdff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 16:36:42 GMT
server: cloudflare
age: 1785
cf-polished: origSize=44104
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kx%2Fm5b3qlHzzMeg9alfPKkiz2yrEi8D1PnVjblq4MY58%2BOtzUarb2LTvmjZNTGXWN5L8pobpenVPb67zCrUORxscwRFRtdHBb8m%2Ftw3PozzDt%2BHWur%2F25ObdP03%2FRmL6pYSjBqt9"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74f4defcbd0317ce-MEL
cf-bgj: minify

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 689ms
173ms XHR
application/json 13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663952787932

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

12a09aca6754930779b5213e478f932e6255a1e85c864af85b03d10c3e2d30d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsletters.news.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-apse-2-v038-008f70772.edge-apse.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: dm6wiuKxQ98=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.newsletters.news.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1569
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 192E 2 KB
3 KB 1056ms
449ms Document
text/html 104.79.97.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.newsletters.news.com.au%2Fauth%2Fcallback&state=wKKZVUH61zsMVKYYmtVfVQ1Fk3bXYTlJ&nonce=mVfIJXlZQapJ9B8THHzQb-OP6JAv8Bsw&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D

Requested by

Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.79.97.250 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-79-97-250.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

c0d5a0704ca198e50df128187ab6d5926f7975f28b7884f113d2a3dd2dec6a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsletters.news.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 74f4df0188bee304-HKG
content-encoding: gzip
content-length: 807
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type: text/html;charset=UTF-8
date: Fri, 23 Sep 2022 17:06:28 GMT
expires: Fri, 23 Sep 2022 17:06:28 GMT
ot-baggage-auth0-request-id: 74f4df0188bee304
ot-tracer-sampled: true
ot-tracer-spanid: 65f0779f7fc56544
ot-tracer-traceid: 13b22a4947541b8a
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-65f0779f7fc56544-000000000000000013b22a4947541b8a-01
tracestate: auth0-request-id=74f4df0188bee304,auth0=true
vary: Accept-Encoding
x-akamai-transformed: 9 546 0 pmb=mTOE,3
x-auth0-requestid: 6a362f8a393821bd27ce
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1663952789

GET
H2 200 316290525736583 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 171ms
171ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/316290525736583?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

c853664140e6ba15f2e1e5800cf192893a81e742044e27df50fa3d5c4d357cd2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85851
x-xss-protection: 0
pragma: public
x-fb-debug: nqhjj+pYEycajttaxh7FTedc33RGjdOwXkrWUm731KJep0uFRXuPeV028hnNscz7NCnWiDcfMKOexGZZR5E7YQ==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 17:06:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 519ms
177ms Script
application/javascript 54.192.150.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-88.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 02:55:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 51056
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 a84eb604396158af577c875ac569048a.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: SIN2-C1
X-Amz-Cf-Id: VZ8kMC_8PE9zMEK0hiEOhCpr7rMk8fV7vxQnFKxslCraFnZUac-Sng==

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 65 B
357 B 203ms
202ms XHR
text/plain 104.71.49.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-49-6.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:28 GMT
server: AkamaiNetStorage
etag: "519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary: Origin, Origin, Origin
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
access-control-allow-origin: https://www.newsletters.news.com.au
cache-control: max-age=3598
content-type: text/plain
content-length: 65

GET
H2 200 pubads_impl_2022091901.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 182ms
181ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

sffe /

Resource Hash

b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131339
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 08:34:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Sep 2023 10:39:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 190 B
152 B 513ms
180ms XHR
application/json 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newsletters.news.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

9dd58acd69b7e8e872e425947e06e8470d323e5be776da6f01cc85238e5fcfad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 17:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127
x-xss-protection: 0
expires: Fri, 23 Sep 2022 17:06:28 GMT

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
76 B 991ms
325ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=0a32300b-926c-4527-972e-7a0727bd0c6b&toploc=www.newsletters.news.com.au&rnd=754961
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=0a32300b-926c-4527-972e-7a0727bd0c6b&toploc=www.newsletters.news.com.au
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:28 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 386ms
385ms XHR
text/plain 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.newsletters.news.com.au
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:28 GMT
via: 1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.newsletters.news.com.au
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: QukdN1ooGCXCgTV54Nh6YD0SsyaPELNSM_V5egyOs5q2H4EAUV4w-Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 508ms
169ms XHR
application/javascript 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 23:11:31 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 64497
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
via: 1.1 cccd1c02ebcc6a46e3ee52075ec059e8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: SIN2-P2
content-type: application/javascript
x-amz-cf-id: 1E8kQ1hWbUbGjtvNYx1XAn4P2Re2v3MjgSdXaNMwJOgRz867L3fZaQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 302ms
105ms XHR
application/json 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220923

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newsletters.news.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 17:06:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7530
x-jsd-version: 1.0.1472
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19156-FRA, cache-yyz4566-YYZ
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66c-5kcFU4ELpJ/3TUqY2DoFFkrnMcY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYExiiLNYDyPFiBHaBlTaeBA1QCi0Gg%2F5WXfBxuXmEtdQqYIBptbdgdk0h%2F%2BrunGUB%2F0VVwD3XC9wnWTL%2BWH6jE7XPAJE3sP3hbAGZrzWEo0CONTO1g5NFg%2FZXZpQsAa4lM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 74f4deffea823774-MEL

GET
H2 200 door.js Show response
au-script.dotmetrics.net/ 9 KB
4 KB 798ms
452ms Script
application/javascript 54.192.150.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/door.js?id=13075
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-56.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: b8622901620da24c8565a4ba8ee7e2f0180aaf2e0e2a6d05151f250f7226572b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:28 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "13075...214.2022092317"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: v7qwjJexpj88duU-a6hxr6nfF8l6ZcBJZZ7ckNlyojfBh-JK9KVigw==

GET
H/1.1 200
OK cookie.html Show response
ncg.tags.news.com.au/prod/ncg/ Frame A6FC 12 KB
4 KB 514ms
169ms Document
text/html 18.155.68.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-80.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer: https://www.newsletters.news.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Age: 2739
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 23 Sep 2022 16:20:50 GMT
ETag: W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified: Mon, 21 Mar 2022 03:18:39 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 4376bdbc2156cdc5e55ce044165e0424.cloudfront.net (CloudFront)
X-Amz-Cf-Id: KdhSRJlRjZJn3VAOvUjMKZd65VZUkjW_DsqUvqnLhdMunURp68Z8Cw==
X-Amz-Cf-Pop: SIN52-P1
X-Cache: Hit from cloudfront

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 508ms
170ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316290525736583&ev=PageView&dl=https%3A%2F%2Fwww.newsletters.news.com.au%2Fgeelongadvertiser&rl=&if=false&ts=1663952788441&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.2.1663952788440.1004746115&it=1663952788032&coo=false&rqm=GET

Requested by

Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 17:06:28 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 195 KB
55 KB 211ms
211ms Script
application/javascript 13.33.88.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P9639CC51-2F11-48E8-B888-393496680A12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-113.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding: gzip
etag: W/"81a9e2a298d0019660cb2966f0c24748"
age: 2315
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
date: Fri, 23 Sep 2022 16:27:54 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: SIN2-P2
x-amz-cf-id: TU03_ebL1yp6FWVpgYNjUvTVnIBSVbc388qFhDlrusm2dncBZokkfA==

POST
H/1.1 200 701.json Show response
id5-sync.com/g/v2/ 456 B
1 KB 1123ms
371ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/701.json

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

83350d65f261ae30883cad4bbfd624ee0097e7f383c2d6f29de0e1f209c21b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.newsletters.news.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 17:06:29 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.newsletters.news.com.au
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 238 B
481 B 522ms
181ms XHR
application/json 54.169.222.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.gea/newsletters,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=ca55e56a-5869-3e01-784a-aeaf50d9bbbe&url=https%253A%252F%252Fwww.newsletters.news.com.au%252Fgeelongadvertiser
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ba9fc7b957daef563d221a58df19a60709a134d72517cce049cb2921fbaea351

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:29 GMT
x-server-name: app02.sg.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.newsletters.news.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 204 envelope Show response
api.rlcdn.com/api/identity/ 0
288 B 448ms
275ms XHR
text/plain 34.120.155.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsletters.news.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 17:06:28 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.newsletters.news.com.au
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame A6BD 7 KB
3 KB 684ms
171ms Document
text/html 13.228.164.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.228.164.9 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-164-9.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsletters.news.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-apse-2-v038-0563f3fe0.edge-apse.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: axXQsfHuRVk=
content-encoding: gzip
date: Fri, 23 Sep 2022 17:06:29 GMT
last-modified: Mon, 19 Sep 2022 09:55:43 GMT
vary: accept-encoding

GET
H2 200 id Show response
newscorpau.sc.omtrdc.net/ 2 B
276 B 517ms
175ms XHR
application/x-javascript 63.140.48.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=04831720438246335941991066648684749447&ts=1663952788645

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.48.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsletters.news.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 23 Sep 2022 17:06:29 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.newsletters.news.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yy3nlQAAAFIl8QN9
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=04852971406624214721993192296012067741
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nlQAAAFIl8QN9

42 B
948 B

344ms
172ms

Image
image/gif

13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nlQAAAFIl8QN9

Requested by

Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser

Protocol

HTTP/1.1

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcscanary-prod-apse-1-v049-0425248eb.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gcQaL+wFRqY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nlQAAAFIl8QN9
Date: Fri, 23 Sep 2022 17:06:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 18 KB
2 KB 840ms
280ms XHR
application/octet-stream 42.99.140.160
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-160.pacnet.net
Software: AmazonS3 /
Resource Hash: 289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: W_yTpbzpqY89CZHjDkmLnffsRbstOxY.
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 05:38:14 GMT
server: AmazonS3
x-amz-cf-pop: ATL58-P4
etag: "189bff3ecbc5fc21ff53bd3b46f8ee8b"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=51
date: Fri, 23 Sep 2022 17:06:29 GMT
accept-ranges: bytes
content-length: 1284
x-amz-cf-id: 17OsOtIjsmEXrPJkCcxBX8o6mHpHJQqkCcdA_43J0MjKs99GynPC8Q==

OPTIONS
H/1.1 200
OK tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 0
0 501ms
100ms Preflight 3.106.169.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.106.169.216 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-106-169-216.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.newsletters.news.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.newsletters.news.com.au
Access-Control-Max-Age: 600
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 23 Sep 2022 17:06:29 GMT
Server: nginx

POST
H/1.1 200
OK tp2 Show response
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 2 B
564 B 389ms
100ms XHR
text/plain 3.106.169.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.106.169.216 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-106-169-216.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.newsletters.news.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 17:06:29 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.newsletters.news.com.au
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 2E54 12 KB
4 KB 173ms
173ms Document
text/html 13.33.88.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-113.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.newsletters.news.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2324
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Fri, 23 Sep 2022 16:27:45 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
x-amz-cf-id: 61SQQLuZQHWgqrqJfzjb2FWpzzTDZ1Pa3gc8Q3r9q6kYaRO30IVfLA==
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache: Hit from cloudfront

GET
H2 200 hit.gif
au-script.dotmetrics.net/ 43 B
1 KB 271ms
270ms Image
image/gif 54.192.150.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-script.dotmetrics.net/hit.gif?id=13075&url=https%3A%2F%2Fwww.newsletters.news.com.au%2Fgeelongadvertiser&dom=www.newsletters.news.com.au&r=1663952789046&pvs=1&pvid=a4fe16d0-2629-4899-978d-2042fa4576c5&c=true&tzOffset=0
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-56.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:29 GMT
dotmetrics-hit-status: 05 DOMAIN_INVALID
server: Kestrel
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: image/gif
x-amz-cf-id: 94-hEaTQZKgA5Acr2HvYxseGWUlE_GWiEFl7Go4JPGIS8x5kRwQLsg==

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 2E54 44 B
721 B 516ms
171ms Image
image/gif 52.76.164.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P9639CC51-2F11-48E8-B888-393496680A12&sessionId=nnr2mjrxech7mrnoyqk9dg4sxdycv1663952788&c16=sdkv,bj.6.0.0&uoo=&fp_id=vwqjpiztvmujgzyy6nrb9nfioqosx1663952788&fp_cr_tm=1663952788859&fp_acc_tm=1663952788859&fp_emm_tm=1663952788859&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.164.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-164-205.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:29 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
nnr2mjrxech7mrnoyqk9dg4sxdycv1663952788.nuid.imrworldwide.com/ Frame 2E54 35 B
350 B 528ms
170ms Image
image/gif 54.192.150.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nnr2mjrxech7mrnoyqk9dg4sxdycv1663952788.nuid.imrworldwide.com/
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-93.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 22:17:16 GMT
via: 1.1 b0fefe61f56a8633f9022434d425989c.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 67754
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: SIN2-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: 7zO2go6TdupBcJyqOxC4yEOoFb6g5_zg72-wu7wLLSEC9vQ_yC_XIA==

POST
H2 403 csp-reports
login.newscorpaustralia.com/ 0
0 822ms
221ms Other
text/html 104.79.97.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/csp-reports
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.97.250 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-97-250.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newsletters.news.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

GET 2970e277
login.newscorpaustralia.com/akam/13/ Frame 192E 0
0

GET 1McDhLIVMB
login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/ Frame 192E 0
0

GET
H2 200 script.js Show response
au-script.dotmetrics.net/Scripts/ 79 KB
33 KB 290ms
289ms Script
application/javascript 54.192.150.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/Scripts/script.js?v=214
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-56.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: b07f5a1999429f79826a2454193403d52131db0eab4dfbd79a38b8d980808ed3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:29 GMT
content-encoding: br
last-modified: Mon, 05 Sep 2022 12:02:11 GMT
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "1d8c11f544f5886"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-cf-id: baQTWpe2DhZtubSySjZ-7Z1MQ-BcERiQXwsbdy33ZQ7528NrwmYpDQ==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 173ms
173ms XHR
application/json 13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=04831720438246335941991066648684749447&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1663952789165

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

3c4a6bb5889a76a7482c62046840ad718250ccebe0ef051f0877923dbafcc3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newsletters.news.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-apse-2-v038-0037eba19.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: BTgdcQF4QUM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.newsletters.news.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1570
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=4383360168080125294
dpm.demdex.net/ Frame A6BD
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4383360168080125294

42 B
948 B

174ms
173ms

Image
image/gif

13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=4383360168080125294

Requested by

Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser

Protocol

HTTP/1.1

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcscanary-prod-apse-1-v049-0425248eb.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: cQX5LbqLRLM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 17:06:30 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1fe43680-42a2-4365-84ae-e0479c4f22e0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=4383360168080125294
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 s92982597007592 Show response
newscorpau.sc.omtrdc.net/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/ 5 KB
5 KB 180ms
180ms Script
application/x-javascript 63.140.48.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.sc.omtrdc.net/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/s92982597007592?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=23%2F8%2F2022%2017%3A6%3A29%205%200&d.&nsid=0&jsonv=1&.d&mid=04831720438246335941991066648684749447&aamlh=3&ce=UTF-8&ns=newscorpau&cdp=3&pageName=ga%7Cnewsletters%7Cindex%7Cnewsletters&g=https%3A%2F%2Fwww.newsletters.news.com.au%2Fgeelongadvertiser&c.&getNewRepeat=3.0&getPreviousValue=3.0&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent63%3D39&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cgeelong%20advertiser%7Cgeelong%20advertiser%20web%7Cnewsletters&c2=D%3Dv2&v2=geelong%20advertiser&c3=D%3Dv3&v3=geelong%20advertiser%20web&c4=D%3Dv4&v4=newsletters&c9=D%3Dv9&v9=index&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=3%3A06%20AM%7CSaturday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c60=D%3Dv60&v60=39&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cvic%7Cmelbourne%7C-37.82%7C144.97%7Cgmt%2B10%7Cunknown&v79=au&v80=00000000000000000000000000000000-00000000000000000000000000000000-1663952786702-195280&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.48.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

3d6fb57b45b7811e1655d553bb454240c3afddf98b3026fbd1d8a9c8021c7cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-aam-tid: 7hlklj0vQD8=
date: Fri, 23 Sep 2022 17:06:29 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 4958
x-xss-protection: 1; mode=block
dcs: dcs-prod-apse-1-v038-036f62fa7.edge-apse.demdex.com 5 ms
pragma: no-cache
last-modified: Sat, 24 Sep 2022 17:06:29 GMT
server: jag
etag: 3573311407418146816-4619781596794774017
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 22 Sep 2022 17:06:29 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=4271359052014047577
dpm.demdex.net/ Frame A6BD
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://d3273622690172371738-t4271359052014047577.id.amgdgt.com/r/telco/tuid/4271359052014047577/duid/3273622690172371738/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D427135905201...
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4271359052014047577

42 B
942 B

175ms
175ms

Image
image/gif

13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=4271359052014047577

Protocol

HTTP/1.1

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v038-0563f3fe0.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bK/oySLpRmQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=4271359052014047577
Pragma: no-cache
Date: Fri, 23 Sep 2022 17:06:30 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Content-Length: 0
Strict-Transport-Security: max-age=15768000
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame A6BD 0
719 B 686ms
173ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=04852971406624214721993192296012067741&gdpr=0&gdpr_consent=
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 Serving Show response
bs.serving-sys.com/ 384 B
868 B 561ms
173ms Script
text/html 13.250.73.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=3960295173590728993&pageurl=$$https%3A%2F%2Fwww.newsletters.news.com.au%2Fgeelongadvertiser$$&activityValues=$$Session%3D5697896192692050890$$&ns=0&rnd=1864870295278529&uinadv=%7B%7D
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.73.166 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-73-166.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b730311093f14a85a3e092baa5b1e66e01c57b6e18ceb0c18495cf882298a0e6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 289
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 SiteEvent.dotmetrics Show response
au-script.dotmetrics.net/ 18 B
1 KB 264ms
264ms Script
application/javascript 54.192.150.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNzUsImZsIjp0cnVlLCJkb20iOiJ3d3cubmV3c2xldHRlcnMubmV3cy5jb20uYXUiLCJsc28iOm51bGwsInVybCI6Imh0dHBzOi8vd3d3Lm5ld3NsZXR0ZXJzLm5ld3MuY29tLmF1L2dlZWxvbmdhZHZlcnRpc2VyIiwicnVybCI6IiIsInB2aWQiOiJhNGZlMTZkMC0yNjI5LTQ4OTktOTc4ZC0yMDQyZmE0NTc2YzUiLCJ0ek9mZnNldCI6MCwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D&r=1663952789639
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-56.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: 7153de840f0ead8b0b5015d3f47ae25c347476e0a24b851bb5ab0831c58a0226

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:29 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: SIN2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: application/javascript
x-amz-cf-id: rsBzkPQkUcHNAxagDYhwFvyUav4TuquH09dUEAAGThuvKf5KyPbytQ==

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEJgYsS6aUF4ylFAir1wlIDU&google_cver=1
dpm.demdex.net/ Frame A6BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDQ4NTI5NzE0MDY2MjQyMTQ3MjE5OTMxOTIyOTYwMTIwNjc3NDE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDQ4NTI5NzE0MDY2MjQyMTQ3MjE5OTMxOTIyOTYwMTIwNjc3NDE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJgYsS6aUF4ylFAir1wlIDU&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

174ms
174ms

Image
image/gif

13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJgYsS6aUF4ylFAir1wlIDU&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v038-036f62fa7.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YwGSJJmQRPE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJgYsS6aUF4ylFAir1wlIDU&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=13014b34-482d-41f2-90ce-bce5def83512
dpm.demdex.net/ Frame A6BD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.newsletters.news.com.au&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.newsletters.news.com.au&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=13014b34-482d-41f2-90ce-bce5def83512

42 B
942 B

174ms
174ms

Image
image/gif

13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=13014b34-482d-41f2-90ce-bce5def83512

Requested by

Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser

Protocol

HTTP/1.1

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v038-0bb4f4566.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /UfBs3XOQGc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=13014b34-482d-41f2-90ce-bce5def83512
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 500 usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame A6BD 0
0 675ms
269ms Image
text/html 23.78.217.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by: Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-78-217-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=Yy3nlhTdmVODDBMPxWI3LgAA%264727
dpm.demdex.net/ Frame A6BD
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nlhTdmVODDBMPxWI3LgAA%264727

42 B
942 B

173ms
173ms

Image
image/gif

13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nlhTdmVODDBMPxWI3LgAA%264727

Protocol

HTTP/1.1

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v038-05e43c533.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1b/hNJSXQTo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DywbuFMQioFgsnqfFy74VGm34WIjl0ZoZrWU4w2BbxP6wYdV%2Fyl63QI7V5RbeysI1wvSjcHhXaj3jFRKc%2F9G5cFyjs4y7eK4xZHphIccDP9mJKhV0XKimo2ZzwC9yj77R1wBnF9"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nlhTdmVODDBMPxWI3LgAA%264727
cache-control: no-cache
cf-ray: 74f4df0c99c7df8d-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 343ms
170ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316290525736583&ev=Microdata&dl=https%3A%2F%2Fwww.newsletters.news.com.au%2Fgeelongadvertiser&rl=&if=false&ts=1663952789946&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Newsletters%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.2.1663952788440.1004746115&it=1663952788032&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.newsletters.news.com.au
URL: https://www.newsletters.news.com.au/geelongadvertiser

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 17:06:30 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-0a2e0b13cadb9ff3140230155d72f0d4
dpm.demdex.net/ Frame A6BD
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=04852971406624214721993192296012067741&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0a2e0b13cadb9ff3140230155d72f0d4

42 B
942 B

174ms
174ms

Image
image/gif

13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0a2e0b13cadb9ff3140230155d72f0d4

Protocol

HTTP/1.1

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v038-036f62fa7.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: eKbQsAWtS5E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0a2e0b13cadb9ff3140230155d72f0d4
Date: Fri, 23 Sep 2022 17:06:30 GMT
useSecure: true
Server: openresty/1.19.9.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame A6BD
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=04852971406624214721993192296012067741&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=04852971406624214721993192296012067741&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

194ms
171ms

Image
image/gif

13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v038-0037eba19.edge-apse.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: Z2O/SfxCTTI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Fri, 23 Sep 2022 17:06:30 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame A6BD
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=04852971406624214721993192296012067741
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=04852971406624214721993192296012067741

0
338 B

916ms
304ms

Image
text/plain

52.38.198.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=04852971406624214721993192296012067741
Protocol: H2
Server: 52.38.198.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-198-76.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=25 t=1663952791
x-served-by: beacon-n017-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=04852971406624214721993192296012067741
date: Fri, 23 Sep 2022 17:06:30 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a005-ash-prod.krxd.net

GET
H2 200 generic1663647361901.js Show response
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 482 KB
86 KB 85ms
85ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1663647361901.js

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5ca2d0b308aadcf4c4b2cdfed9605be2da920cb5bb897515fe52dbf5e6c26db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: HhLubpCf1meQtFIxNBHOr2Cy5Ooi6IZh
content-encoding: gzip
etag: "2a9535a9a8d52c0622bae0381d011e63"
age: 305428
via: 1.1 varnish
x-cache: HIT
vary: Accept-Encoding
content-length: 87387
x-amz-id-2: CnraVirrSatmkjzo2WfbIR4nHPHM3Vm7yhwk3TEM8HQjYuGIRb5QK13Y+XLvvkRvqcjwd1zkRWQ=
x-served-by: cache-mel11238-MEL
last-modified: Tue, 20 Sep 2022 04:16:03 GMT
server: AmazonS3
x-timer: S1663952790.333469,VS0,VE0
date: Fri, 23 Sep 2022 17:06:30 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 73HVD3MEEFM6Z18B
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 174877

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame A6BD
Redirect Chain

https://tags.bluekai.com/site/43981?id=04852971406624214721993192296012067741&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

42 B
961 B

204ms
204ms

Image
image/gif

13.251.230.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Protocol

HTTP/1.1

Server

13.251.230.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-251-230-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v038-07aea2e4f.edge-apse.demdex.com 31 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: WVUMSqYoS48=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date: Fri, 23 Sep 2022 17:06:31 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6BD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXkzbmxRQUFBRklsOFFOOQ==

170 B
188 B

197ms
197ms

Image
image/png

142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXkzbmxRQUFBRklsOFFOOQ==

Protocol

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952791.668786,VS0,VE0
x-served-by: cache-mel11249-MEL
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXkzbmxRQUFBRklsOFFOOQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
317 B 490ms
314ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJOZXdzbGV0dGVycyIsInBhZ2VfdXJsIjogImh0dHBzOi8vd3d3Lm5ld3NsZXR0ZXJzLm5ld3MuY29tLmF1L2dlZWxvbmdhZHZlcnRpc2VyIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NjM5NTI3OTA1MjgiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4MzZiNTBhM2Y1NjQ2LTBmYWQ2M2YwZjU1NjkxLTZiM2Y1MTUyLTFkNGMwMC0xODM2YjUwYTNmNjgwZSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC1zeWQxIiwiYWNjb3VudElkIjogMTMyMjIyLCJ1cmwiOiAiaHR0cHM6Ly93d3cubmV3c2xldHRlcnMubmV3cy5jb20uYXUvZ2VlbG9uZ2FkdmVydGlzZXIiLCJ3ZWJzaXRlSWQiOiAxMzIyMjQsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImM0YjUtZjhkMS0xOGUyLTVmM2ItYmY1ZS1hOTExLTVhMDYtMjc3YSIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjYzOTUyNzkwNTI1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDE5MzIsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjM5NTI3OTA1MjgsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-blue-2k5w
date: Fri, 23 Sep 2022 17:06:30 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame A6BD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy3nlQAAAFIl8QN9&expires=90

42 B
798 B

699ms
171ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy3nlQAAAFIl8QN9&expires=90
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952791.668868,VS0,VE0
x-served-by: cache-mel11249-MEL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy3nlQAAAFIl8QN9&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A6BD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nlQAAAFIl8QN9

43 B
884 B

552ms
358ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nlQAAAFIl8QN9
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f4df0f9fcc3776-MEL
pragma: no-cache
date: Fri, 23 Sep 2022 17:06:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjxAazH2YqkCralajKXDFQ%2Fo%2F0V0EOn%2BgJJ5R5sCFPehTYEwoAb7eUKTRnHwiMha3nhSdFixpA08qt5eRoKKD6ZItFseCaeRnOmerCQ%2FIO34ul%2B5SY2L%2F9VCZPeq2wOozMJusAO3jxgzTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952791.696443,VS0,VE0
x-served-by: cache-mel11249-MEL
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nlQAAAFIl8QN9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A6BD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Yy3nlQAAAFIl8QN9

43 B
1 KB

228ms
228ms

Image
image/gif

104.254.148.251
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Yy3nlQAAAFIl8QN9

Protocol

HTTP/1.1

Server

104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 17:06:30 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: eb267250-6187-4356-9b56-afb1677e4fbc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952791.797352,VS0,VE0
x-served-by: cache-mel11249-MEL
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Yy3nlQAAAFIl8QN9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame A6BD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy3nlQAAAFIl8QN9
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yy3nlQAAAFIl8QN9

43 B
61 B

260ms
173ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yy3nlQAAAFIl8QN9
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:31 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yy3nlQAAAFIl8QN9
date: Fri, 23 Sep 2022 17:06:31 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ 44 B
597 B 173ms
173ms Image
image/gif 52.76.164.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b12_geelongadvertiser_S&asn=geelongadvertiser&fp_id=vwqjpiztvmujgzyy6nrb9nfioqosx1663952788&fp_cr_tm=1663952788859&fp_acc_tm=1663952788859&fp_emm_tm=1663952788859&ve_id=&sessionId=nnr2mjrxech7mrnoyqk9dg4sxdycv1663952788&prv=1&c6=vc,b12&ca=NA&c13=asid,P9639CC51-2F11-48E8-B888-393496680A12&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,fw43ujocddivp0k8to83ji37hoxuw1663952789&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16639527888561662&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1663952787527&c3=st,c&c64=starttm,1663952790&adid=1663952787527&c58=isLive,false&c59=sesid,&c61=createtm,1663952790&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.newsletters.news.com.au%2Fgeelongadvertiser&c66=mediaurl,&sdd=&c62=sendTime,1663952790&rnd=857732
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.164.205 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-164-205.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A6BD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nlQAAAFIl8QN9

1 B
450 B

510ms
168ms

Image
text/html

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nlQAAAFIl8QN9
Protocol: H2
Server: 67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952791.999759,VS0,VE0
x-served-by: cache-mel11249-MEL
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nlQAAAFIl8QN9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame A6BD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nlQAAAFIl8QN9&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nlQAAAFIl8QN9&img=1&__user_check__=1&sync_id=123fd9d1-3b62-11ed-af43-1d7a88fc0507

43 B
547 B

171ms
171ms

Image
image/gif

103.71.26.125
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nlQAAAFIl8QN9&img=1&__user_check__=1&sync_id=123fd9d1-3b62-11ed-af43-1d7a88fc0507
Protocol: HTTP/1.1
Server: 103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 17:06:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 8
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 23 Sep 2022 17:06:31 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=Yy3nlQAAAFIl8QN9&img=1&__user_check__=1&sync_id=123fd9d1-3b62-11ed-af43-1d7a88fc0507
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 30
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame A6BD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nlQAAAFIl8QN9&t=2592000&o=0

43 B
68 B

388ms
387ms

Image
image/gif

157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nlQAAAFIl8QN9&t=2592000&o=0

Protocol

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:06:31 PDT
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: jMXmty2KdvWZcEAql2UFW1uvd0+UaML7v8SGITDqj3VG83ZMzoUSlN8+UZ3jXr+4GrSYKvSLTZUuuSwziA8s/w==
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Fri, 23 Sep 2022 10:06:31 PDT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952791.200349,VS0,VE0
x-served-by: cache-mel11249-MEL
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nlQAAAFIl8QN9&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame A6BD 43 B
378 B 359ms
183ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms: 97
pragma: no-cache
date: Fri, 23 Sep 2022 17:06:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1663952791.477370,VS0,VE97
x-served-by: cache-mel11246-MEL
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 0
sync.1rx.io/usersync/adobe/ Frame A6BD 0
99 B 544ms
178ms Image
text/plain 74.118.186.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:06:31 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 523ms
182ms Script
application/javascript 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.newsletters.news.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 17:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 531ms
185ms Script
application/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsletters.news.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 17:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 735 B
423 B 220ms
220ms XHR
text/plain 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=437226786508975&correlator=287797971942674&hxva=1&scor=2179785041875822&eid=31068929&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fifs&iu_parts=5129%2Cndm.gea%2Cnewsletters&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=663037132&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3D1%26id%3D0fa72782-3b62-11ed-9ea1-0ab5b06f5b88&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26sec1%3Dnewsletters%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dindex%26adl%3Dfalse%26abtest%3Da%26pvid%3D00000000000000000000000000000000-00000000000000000000000000000000-1663952786702-195280%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663952792740&lmt=1663952792&dlt=1663952784611&idt=3996&adxs=0&adys=1656&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.newsletters.news.com.au%2Fgeelongadvertiser&frm=20&vis=1&psz=1600x1677&msz=1600x0&fws=0&ohw=0&ga_vid=1962768396.1663952793&ga_sid=1663952793&ga_hid=1793741289&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

f52228765e00c0ac1ee6ae0c0e45f15f69940ff0e07d0ab45a6a00c1e5d8aab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 394
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newsletters.news.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 538ms
189ms XHR
application/json 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

cafe /

Resource Hash

c4a747f0e2d13fced522d1eb2a58d4a7f07fd27259ba6bdf50b1d77104471846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 17:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11129
x-xss-protection: 0

GET
H2 200 container.html Show response
7fce6f22f661e8d54b374a3c0fb702fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 756E 6 KB
4 KB 531ms
181ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7fce6f22f661e8d54b374a3c0fb702fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsletters.news.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:06:33 GMT
expires: Sat, 23 Sep 2023 17:06:33 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 182ms
181ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.newsletters.news.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 17:06:33 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C914 13 KB
5 KB 481ms
180ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newsletters.news.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 223596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 02:59:57 GMT
expires: Thu, 21 Sep 2023 02:59:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3412 783 B
1 KB 535ms
188ms Document
text/html 142.251.10.99

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.99 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

18fda5b7d2a3e1ae7b2ac6c23eb624d1f951fd724f8f36e3038edee2ea743db5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HIbgdkcvfPnTkPAruz1aUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.newsletters.news.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-HIbgdkcvfPnTkPAruz1aUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:06:33 GMT
expires: Fri, 23 Sep 2022 17:06:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame C914 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 3412 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static-au.newsletters.news.com.au
URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/Merriweather-Light-export/Merriweather-Light.woff

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/13/2970e277

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/1McDhLIVMB

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091901&jk=437226786508975&rc=

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.news.com.au/	1970-01-20 14:58:08	Name: utag_main Value: v_id:01836b5094ae000fce5306a06ce603074003506c00b08$_sn:1$_se:1$_ss:1$_st:1663954586607$ses_id:1663952786607%3Bexp-session$_pn:1%3Bexp-session
.newsletters.news.com.au/	1970-01-20 06:12:36	Name: nearSessionCookie Value: 0.7042347334132719
.newsletters.news.com.au/	1970-01-20 14:58:08	Name: _ncid Value: 0ace17fcd6b99047e5bd5f43a91de8b4
.news.com.au/	1970-01-20 15:41:20	Name: _cb Value: UbR6dB7m82NBEe2dw
.news.com.au/	1970-01-20 15:41:20	Name: _chartbeat2 Value: .1663952787887.1663952787887.1.DBHsk5DKRRZxTG0UsIMJKEBVse7E.1
.news.com.au/	1970-01-20 06:12:34	Name: _cb_svref Value: null
.news.com.au/	1970-01-20 06:12:34	Name: _ncg_sp_ses.2a92 Value: *
.news.com.au/	1970-01-20 08:22:08	Name: _fbp Value: fb.2.1663952788440.1004746115
.demdex.net/	1970-01-20 10:31:44	Name: demdex Value: 04852971406624214721993192296012067741
www.newsletters.news.com.au/	1970-01-20 06:55:44	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.newsletters.news.com.au/	1970-01-20 06:12:36	Name: _lr_retry_request Value: true
www.newsletters.news.com.au/	1970-01-20 06:55:44	Name: _lr_env_src_ats Value: false
.news.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
.news.com.au/	1970-01-20 15:48:32	Name: _ncg_sp_id.2a92 Value: c8e1d001-6c1e-4bad-a65e-8159ae885491.1663952788.1.1663952789.1663952788.92029930-87be-49ea-b2d2-003ccf2cdafe
.news.com.au/	1970-01-20 10:31:44	Name: nol_fpid Value: vwqjpiztvmujgzyy6nrb9nfioqosx1663952788\|1663952788859\|1663952788859\|1663952788859
login.newscorpaustralia.com/	1970-01-20 14:58:30	Name: did Value: s%3Av0%3A108be1f0-3b62-11ed-b412-2582e38eb57d.fbNQB7tR2P%2BeEZICDILx%2FkPYyo0YqwAgYmhCUVFMHa8
.everesttech.net/	1970-01-20 14:58:08	Name: everest_g_v2 Value: g_surferid~Yy3nlQAAAFIl8QN9
.dotmetrics.net/	1970-01-20 14:58:08	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 14:58:08	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=f7b45b9d-38ed-47cb-a8a0-552bba54b034&Created=09/23/2022 17:06:29&UserMode=0&guid=ae76a997-aa9e-4aec-bc80-b25e19cb3837&ver=1
.newsletters.news.com.au/	1970-01-20 06:55:44	Name: s_nr30 Value: 1663952789342-New
.news.com.au/	1970-01-20 15:48:32	Name: s_gdslv Value: 1663952789342
.news.com.au/	1970-01-20 06:12:34	Name: s_gdslv_s Value: First%20Visit
.newsletters.news.com.au/	1970-01-20 06:12:34	Name: s_ppn Value: ga%7Cnewsletters%7Cindex%7Cnewsletters
.news.com.au/	1969-12-31 23:59:59	Name: tp Value: 1677
.news.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: ga%257Cnewsletters%257Cindex%257Cnewsletters%2C72%2C72%2C1200
.news.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 10:31:44	Name: dpm Value: 04852971406624214721993192296012067741
.news.com.au/	1970-01-20 15:48:32	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C19259%7CMCMID%7C04831720438246335941991066648684749447%7CMCAAMLH-1664557589%7C3%7CMCAAMB-1664557589%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1663959989s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19266%7CvVersion%7C5.1.1
.newsletters.news.com.au/	1970-01-20 06:55:44	Name: nc_aam_segs Value: asgmnt%3D16675898
.newsletters.news.com.au/	1970-01-20 06:55:44	Name: aam_uuid Value: 04852971406624214721993192296012067741
.imrworldwide.com/	1970-01-20 15:34:08	Name: IMRID Value: 10e859d0-3b62-11ed-bfb2-ed757b62e0c8
www.newsletters.news.com.au/	1969-12-31 23:59:59	Name: DM_SitId1563 Value: true
www.newsletters.news.com.au/	1969-12-31 23:59:59	Name: DM_SitId1563SecId13075 Value: true
www.newsletters.news.com.au/	1970-01-20 06:12:34	Name: DM_SitIdT1563 Value: true
www.newsletters.news.com.au/	1970-01-20 06:12:34	Name: DM_SitId1563SecIdT13075 Value: true
.newscgp.com/	1970-01-20 14:58:08	Name: sp Value: 8969b301-ee31-46c5-94da-2ae08f452ea1
.id5-sync.com/	1970-01-20 08:22:08	Name: 3pi Value:
.id5-sync.com/	1970-01-20 08:22:08	Name: id5 Value: f0c95d81-e02d-4632-bb69-d823d6fb132d#1663952789563#1
au-script.dotmetrics.net/	1970-01-20 06:22:37	Name: AWSALBCORS Value: kPR76TFPcshaicHUc7fZYOxARZSeRXxLi0DqipPg5L7dPBAxIM0WwLK93bHraQ4tR9Fde+5UUOIZV+ttLi6A8DUPIxut9J9FL/D2F3NuXhSz5uZhTd9vWc+0x6q+
.adnxs.com/	1970-01-20 08:22:08	Name: uuid2 Value: 4383360168080125294
.adsrvr.org/	1970-01-20 14:58:08	Name: TDID Value: 13014b34-482d-41f2-90ce-bce5def83512
.turn.com/	1970-01-20 10:31:44	Name: uid Value: 4271359052014047577
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_6630 Value: 1
.serving-sys.com/	1970-01-20 08:22:08	Name: OT2 Value: 0001DC1rfh
.serving-sys.com/	1970-01-20 08:22:08	Name: u2 Value: 1166bdab-92fe-4056-b735-473a1bc977b24IW050
.adsrvr.org/	1970-01-20 14:58:08	Name: TDCPM Value: CAESEgoDYWFtEgsI-KTv3P_jjjsQBRgFIAEoAjILCMDPtImW5I47EAU4AQ..
.rubiconproject.com/	1970-01-20 14:58:08	Name: khaos Value: L8EQJ1X9-2-KDQ5
.casalemedia.com/	1970-01-20 14:58:08	Name: CMID Value: Yy3nlhTdmVODDBMPxWI3LgAA
.casalemedia.com/	1970-01-20 08:22:08	Name: CMPS Value: 4727
.casalemedia.com/	1970-01-20 08:22:08	Name: CMPRO Value: 4727
www.newsletters.news.com.au/	1970-01-20 14:58:08	Name: mdLogger Value: false
www.newsletters.news.com.au/	1970-01-20 14:58:08	Name: kampyle_userid Value: c4b5-f8d1-18e2-5f3b-bf5e-a911-5a06-277a
www.newsletters.news.com.au/	1970-01-20 14:58:08	Name: kampyleUserSession Value: 1663952790525
www.newsletters.news.com.au/	1970-01-20 14:58:08	Name: kampyleUserSessionsCount Value: 1
www.newsletters.news.com.au/	1970-01-20 14:58:08	Name: kampyleSessionPageCounter Value: 1
.doubleclick.net/	1970-01-20 15:48:32	Name: IDE Value: AHWqTUn28htTOCUHqYtT8BPdV_UIAlr38sQt98LfuyacmxuufLteBhb5n5DjEzPVIoQ
.eyeota.net/	1970-01-20 14:58:08	Name: mako_uid Value: 1836b50a4e0-137f000001085969
.eyeota.net/	1970-01-20 06:12:33	Name: SERVERID Value: 22889~DM
.scanscout.com/	1970-01-20 14:58:08	Name: uid Value: CI-0a2e0b13cadb9ff3140230155d72f0d4
.scanscout.com/	1970-01-20 14:58:08	Name: UIAA Value: 04852971406624214721993192296012067741
.scanscout.com/	1970-01-20 14:58:08	Name: UIXX_UPDT Value: "UIAA=1663952790769"
.adnxs.com/	1970-01-20 08:22:08	Name: anj Value: dTM7k!M4.FErk#WF']wIg2GTxm^Y$3!]tbPl1MwL(!R7qUY$+]IJ+H8YWJXVF=$IVX?FC4tDrte<QG=%9sk?bIRwi:w9Ld1ic!spTWBCu(lOfM!x%[a*EDj2
.openx.net/	1970-01-20 14:58:08	Name: i Value: d8d6138f-7cc4-41dc-9e65-5ad7de4b3595\|1663952791
.casalemedia.com/	1970-01-20 08:22:08	Name: CMTS Value: 5340
.demdex.net/	1970-01-20 10:31:44	Name: dextp Value: 358-1-1663952789337\|470-1-1663952789439\|481-1-1663952789539\|771-1-1663952789641\|903-1-1663952789742\|19566-1-1663952789842\|23728-1-1663952789943\|30432-1-1663952790044\|30064-1-1663952790145\|66757-1-1663952790246\|134096-1-1663952790347\|144230-1-1663952790448\|144231-1-1663952790553\|144232-1-1663952790653\|144233-1-1663952790754\|144234-1-1663952790855\|144235-1-1663952790956\|144236-1-1663952791056\|144237-1-1663952791157\|147592-1-1663952791258\|461447-1-1663952791359
.rubiconproject.com/	1970-01-20 14:58:08	Name: audit Value: 1\|pisD6CnZOYFwb4KbkY6yWuTotPTE1Y5ceBppggq4tatNDY5C4h7Kr8mJhDXAhWCKJnRHC4E9hAryUhTWCqUS/Lu8MdjV0SuEO53obZevF8h6atDRwtE4Vj6SQ8TISINRnYJvlSJy4sQwLBic4CDAI64tSoFlvoMdoxw3IrM1QdF01qAbJMnMkX2NFdeBSG8D5IYzazhYCkuma+WVcS1g3g==
.pubmatic.com/	1970-01-20 08:22:08	Name: KRTBCOOKIE_218 Value: 4056-Yy3nlQAAAFIl8QN9&KRTB&22978-Yy3nlQAAAFIl8QN9&KRTB&23194-Yy3nlQAAAFIl8QN9&KRTB&23209-Yy3nlQAAAFIl8QN9
.pubmatic.com/	1970-01-20 06:55:44	Name: PugT Value: 1663952790
.spotxchange.com/	1970-01-20 06:52:51	Name: audience Value: 123fd998-3b62-11ed-af43-1d7a88fc0507
.krxd.net/	1970-01-20 10:31:44	Name: _kuid_ Value: PGLbB9ZX
.news.com.au/	1970-01-20 15:34:08	Name: __gads Value: ID=ab3ae368b0a7d8bd:T=1663952792:S=ALNI_MbmBVjYalODoulTjb4IAmf6l5WXhw
.news.com.au/	1970-01-20 15:34:08	Name: __gpi Value: UID=000009d955b80904:T=1663952792:RT=1663952792:S=ALNI_Mb3kSJGJOBdh6RVb-H-8hsaGczJ-g

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.newsletters.news.com.au/geelongadvertiser Message: Access to font at 'https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/Merriweather-Light-export/Merriweather-Light.woff' from origin 'https://www.newsletters.news.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static-au.newsletters.news.com.au/gpc/prodAU/1638935267/public/fonts/Merriweather-Light-export/Merriweather-Light.woff Message: Failed to load resource: net::ERR_FAILED
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network	error	URL: https://login.newscorpaustralia.com/csp-reports Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7fce6f22f661e8d54b374a3c0fb702fa.safeframe.googlesyndication.com
adservice.google.com
adservice.google.com.au
api.rlcdn.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.pixel.newscgp.com
au.tags.newscgp.com
beacon.krxd.net
bs.serving-sys.com
c.amazon-adsystem.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn1.adoberesources.net
cm.everesttech.net
cm.g.doubleclick.net
collector.brandmetrics.com
connect.facebook.net
d.turn.com
d3273622690172371738-t4271359052014047577.id.amgdgt.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.scanscout.com
ib.adnxs.com
id5-sync.com
image.e.newscorpaus.com.au
image.exacttarget.com
image2.pubmatic.com
image5.pubmatic.com
login.newscorpaustralia.com
match.adsrvr.org
ncg.tags.news.com.au
nebula-cdn.kampyle.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
nnr2mjrxech7mrnoyqk9dg4sxdycv1663952788.nuid.imrworldwide.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.zprk.io
ps.eyeota.net
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
securepubads.g.doubleclick.net
ssum.casalemedia.com
static-au.newsletters.news.com.au
static.chartbeat.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
udc-neb.kampyle.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.geelongadvertiser.com.au
www.google.com
www.newsletters.news.com.au
login.newscorpaustralia.com
pagead2.googlesyndication.com
static-au.newsletters.news.com.au
103.71.26.125
104.16.89.20
104.18.18.126
104.18.19.126
104.254.148.251
104.26.6.155
104.71.48.157
104.71.48.190
104.71.49.6
104.79.97.250
13.228.164.9
13.250.73.166
13.251.230.231
13.33.79.24
13.33.88.113
13.33.91.15
142.251.10.154
142.251.10.157
142.251.10.99
142.251.12.132
142.251.12.157
15.197.193.217
151.101.129.175
151.101.193.44
151.101.194.49
157.240.235.1
157.240.235.35
162.19.138.82
172.217.194.155
172.67.38.106
18.138.150.144
18.155.68.122
18.155.68.27
18.155.68.80
18.211.165.216
199.127.207.180
20.50.2.28
23.207.37.206
23.41.66.63
23.41.75.53
23.78.217.19
23.78.217.66
3.106.169.216
34.120.155.137
34.98.64.218
35.168.94.234
35.241.45.82
42.99.140.160
50.116.239.135
50.116.239.150
52.221.16.11
52.38.198.76
52.65.195.72
52.76.164.205
54.169.222.109
54.192.150.56
54.192.150.88
54.192.150.92
54.192.150.93
54.251.140.206
63.140.48.177
67.199.150.86
69.173.158.64
74.118.186.44
74.125.200.157
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
02db6085d2b384c5a8c4162969f767c00291344634e081fd124b0b48822818a8
0422c1be425a330e066dc9ac7ba5d76e323e757b3ddc2a95c5319e2ca5090968
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0ffd94940cd7d1c0646cc5c0749976f13a216556aff4ffd62f516941716c5ed5
12a09aca6754930779b5213e478f932e6255a1e85c864af85b03d10c3e2d30d1
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654
18fda5b7d2a3e1ae7b2ac6c23eb624d1f951fd724f8f36e3038edee2ea743db5
1e0048d90172ebbb946617c24a981dbc8a4d585329c16ecd3eeac25d6a0acd58
20e5bcd3261542eaa806200dd2ee86c4627047fb78504eb362394b7512db8b11
217ed39fce003a763daeec9689fa20df1d9f1dcdc7daed0839b8f0343711d7d7
21f20f84cde9b9bb5d03446360d1909696d9e346bd970e8306a3d0565a82fc82
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
36e299f45673885e6b5d62d38c3b76d863aa2a0b511a2c1327359273380703a0
3916243359bf2cfb605813c893d37dbca79b468279dcf1daad25fea83e649102
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3c4a6bb5889a76a7482c62046840ad718250ccebe0ef051f0877923dbafcc3fe
3d6fb57b45b7811e1655d553bb454240c3afddf98b3026fbd1d8a9c8021c7cba
42ffbcd5fae6a0eda00246031330f0c87d21ec4c9451787199c02d49746a3d12
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b974909fad0b296dcd51e6894876a0b7ea8cff86c950d4568ffe09241244f6f
5ca2d0b308aadcf4c4b2cdfed9605be2da920cb5bb897515fe52dbf5e6c26db9
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f
7153de840f0ead8b0b5015d3f47ae25c347476e0a24b851bb5ab0831c58a0226
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb
769aad2df62fab24da6910b5a5f66c574faa53eb43b1add8308933a75880c06e
7982b9e4d876d7f733da571630e8165a27134c117ca1360cbe5ae5b74c938122
79faae7cce89185fadfe012d9cd154c8ccda2e5d9c171000ef0284f927e11e10
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
83350d65f261ae30883cad4bbfd624ee0097e7f383c2d6f29de0e1f209c21b00
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
862b069ede34eb082e53519fd9e854ca40ba46fd17d1ae40da14b7d584625b94
872439e99adac6cc9048457232bc781bb108cdd7c1a56ec8cd26f921e1ba98ce
87f9b01a1d755db829c0fccbbc3a18026319fb5ebf309b27a6b4fa5a0a775898
8ab9b143c1a9f51f38c62db005fb4b49572e4d796f0e74e6b3b56ee41036f954
8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9
9a547c4128d0639e5707d680eeee4cf5ff5cdfed9893dbed7c8ee69fb02ebdff
9dd58acd69b7e8e872e425947e06e8470d323e5be776da6f01cc85238e5fcfad
9fff69ec032b02d5209e9c7b86df7cd70a4e1f943cbbc6ec45db469ab5366f1d
a2af01613c61301f3c1307b136a19cff3fadbd22f37f3df5bdd85d18e5758cc8
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b07f5a1999429f79826a2454193403d52131db0eab4dfbd79a38b8d980808ed3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
b730311093f14a85a3e092baa5b1e66e01c57b6e18ceb0c18495cf882298a0e6
b8622901620da24c8565a4ba8ee7e2f0180aaf2e0e2a6d05151f250f7226572b
ba9fc7b957daef563d221a58df19a60709a134d72517cce049cb2921fbaea351
c0d5a0704ca198e50df128187ab6d5926f7975f28b7884f113d2a3dd2dec6a0b
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c261147bf4256326fe74979596ca8fb13dae170d9b7586b1edbf7f0bb2fe9cf6
c4a747f0e2d13fced522d1eb2a58d4a7f07fd27259ba6bdf50b1d77104471846
c853664140e6ba15f2e1e5800cf192893a81e742044e27df50fa3d5c4d357cd2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d8350cb98f0fc57bcb74cece1116fef2c686431f2a99b36d1e7fd9cf1a3d205a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df495c6a055b3616e655e1347387b18afd04a61cd2061cbd8e9a2713c7823e13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70bd440c10e5906797794cb77fa09cede63306250588bce7ed75f466b41884d
edbd4e1158da209902d5d90eef94f40af28482f57b23e76f33e1dddbf26015ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f42521df2fa5dfb4ca04ac5156b9279fdf193be3a481e5eceed3ae13b0fb4c22
f52228765e00c0ac1ee6ae0c0e45f15f69940ff0e07d0ab45a6a00c1e5d8aab9
f6b0db93e80409a03e7ad626a8fc83e337afa51ecd565543f6c09231d7d9538e

www.newsletters.news.com.au Open in urlscan Pro 52.65.195.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

80 %HTTPS

0 %IPv6

46 Domains

67 Subdomains

56 IPs

9 Countries

2033 kBTransfer

4945 kBSize

72 Cookies

1 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newsletters.news.com.au Open in urlscan Pro
52.65.195.72 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

80 %
HTTPS

0 %
IPv6

46
Domains

67
Subdomains

56
IPs

9
Countries

2033 kB
Transfer

4945 kB
Size

72
Cookies

115 HTTP transactions
0 data transactions