urlscan.io logo urlscan.io
SecurityTrails logo

www.spokesman.com Open in urlscan Pro
18.161.97.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://service7-coinbase.com/
Effective URL: https://www.spokesman.com/
Submission Tags: @cybercrymen opensquat coinbase Search All
Submission: On March 10 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 24 domains to perform 115 HTTP transactions. The main IP is 18.161.97.52, located in United States and belongs to AMAZON-02, US. The main domain is www.spokesman.com. The Cisco Umbrella rank of the primary domain is 167772.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 21st 2023. Valid for: 6 months.
This is the only time www.spokesman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 146.190.66.204 14061 (DIGITALOC...)
1 1 52.222.144.104 16509 (AMAZON-02)
1 18.161.97.52 16509 (AMAZON-02)
5 52.222.144.97 16509 (AMAZON-02)
8 52.84.45.36 16509 (AMAZON-02)
1 52.84.45.75 16509 (AMAZON-02)
2 14 74.125.24.155 15169 (GOOGLE)
2 142.251.10.97 15169 (GOOGLE)
5 52.84.45.49 16509 (AMAZON-02)
3 172.253.118.138 15169 (GOOGLE)
1 2 107.178.250.234 396982 (GOOGLE-CL...)
1 52.84.251.61 16509 (AMAZON-02)
1 74.125.200.154 15169 (GOOGLE)
1 142.251.12.155 15169 (GOOGLE)
4 142.251.12.132 15169 (GOOGLE)
6 172.217.194.157 15169 (GOOGLE)
6 34.205.216.79 14618 (AMAZON-AES)
2 152.199.39.108 15133 (EDGECAST)
1 142.250.4.99 15169 (GOOGLE)
1 172.217.194.94 15169 (GOOGLE)
13 74.125.68.132 15169 (GOOGLE)
4 185.167.164.49 198622 (ADFORM)
4 23.36.48.24 16625 (AKAMAI-AS)
2 184.87.193.156 20940 (AKAMAI-ASN1)
8 23.207.180.23 16625 (AKAMAI-AS)
10 23.213.140.31 16625 (AKAMAI-AS)
3 185.84.60.57 198622 (ADFORM)
1 151.101.1.26 54113 (FASTLY)
4 4 35.71.131.137 16509 (AMAZON-02)
2 2 35.214.223.115 15169 (GOOGLE)
1 184.87.193.133 20940 (AKAMAI-ASN1)
3 142.251.12.154 15169 (GOOGLE)
1 117.18.232.200 15133 (EDGECAST)
115 30
1    146.190.66.204 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
service7-coinbase.com
1    52.222.144.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-144-104.mrs52.r.cloudfront.net
spokesman.com
1    18.161.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-97-52.mrs52.r.cloudfront.net
www.spokesman.com
5    52.222.144.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-144-97.mrs52.r.cloudfront.net
thumb.spokesman.com
8    52.84.45.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-36.mrs52.r.cloudfront.net
static.spokesman.com
1    52.84.45.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-75.mrs52.r.cloudfront.net
cdn-gateflipp.flippback.com
14    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
2    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
5    52.84.45.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-49.mrs52.r.cloudfront.net
media.spokesman.com
3    172.253.118.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f138.1e100.net
www.google-analytics.com
2    107.178.250.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    52.84.251.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-61.sin5.r.cloudfront.net
p.flipp.com
1    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
adservice.google.com.au
1    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
adservice.google.com
4    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
6    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
stats.g.doubleclick.net
www.googletagservices.com
6    34.205.216.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-216-79.compute-1.amazonaws.com
www.i.matheranalytics.com
2    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net
cdn.wgchrrammzv.com
1    142.250.4.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f99.1e100.net
www.google.com
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
www.google.com.au
13    74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net
tpc.googlesyndication.com
4    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
a2.adform.net
4    23.36.48.24 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com
hblg.media.net
2    184.87.193.156 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-193-156.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
8    23.207.180.23 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-23.deploy.static.akamaitechnologies.com
contextual.media.net
10    23.213.140.31 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-140-31.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
cs.media.net
3    185.84.60.57 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
1    151.101.1.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    184.87.193.133 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-193-133.deploy.static.akamaitechnologies.com
res-a.akamaihd.net
3    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
pagead2.googlesyndication.com
1    117.18.232.200 (Australia)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
Apex Domain
Subdomains		 Transfer
22 media.net
hblg.media.net — Cisco Umbrella Rank: 1841
contextual.media.net — Cisco Umbrella Rank: 587
warp.media.net — Cisco Umbrella Rank: 2330
lg3.media.net — Cisco Umbrella Rank: 4970
cs.media.net — Cisco Umbrella Rank: 1372
246 KB
20 googlesyndication.com
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
226 KB
20 spokesman.com
spokesman.com — Cisco Umbrella Rank: 111698
www.spokesman.com — Cisco Umbrella Rank: 167772
thumb.spokesman.com — Cisco Umbrella Rank: 167534
static.spokesman.com — Cisco Umbrella Rank: 257911
media.spokesman.com — Cisco Umbrella Rank: 247653
13 MB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189
stats.g.doubleclick.net — Cisco Umbrella Rank: 73
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
193 KB
8 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 10213
www.i.matheranalytics.com — Cisco Umbrella Rank: 10003
45 KB
7 adform.net
a2.adform.net — Cisco Umbrella Rank: 6132
s2.adform.net — Cisco Umbrella Rank: 5859
80 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
243 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
2 KB
3 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1851
res-a.akamaihd.net — Cisco Umbrella Rank: 7925
22 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 24
20 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 833
477 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 65
www.google.com — Cisco Umbrella Rank: 2
864 B
2 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 117050
www.google.com.au — Cisco Umbrella Rank: 26035
939 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
128 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2095
22 KB
1 wgchrrammzv.com
cdn.wgchrrammzv.com — Cisco Umbrella Rank: 36208
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1317
654 B
1 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 26486
12 KB
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 15663
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 15147
64 KB
1 service7-coinbase.com
service7-coinbase.com
466 B
0 pranmcpkx.com Failed
cdn.pranmcpkx.com Failed
0 o1ych4jb.com Failed
cdn.o1ych4jb.com Failed
0 mircheigeshoa.com Failed
cdn.mircheigeshoa.com Failed
115 24
Domain Requested by
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
12 securepubads.g.doubleclick.net www.spokesman.com
securepubads.g.doubleclick.net
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
www.googletagservices.com
8 contextual.media.net 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
contextual.media.net
8 static.spokesman.com www.spokesman.com
static.spokesman.com
6 www.i.matheranalytics.com www.spokesman.com
5 www.googletagservices.com securepubads.g.doubleclick.net
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
5 media.spokesman.com www.spokesman.com
5 thumb.spokesman.com www.spokesman.com
4 match.adsrvr.org 4 redirects
4 cs.media.net contextual.media.net
4 lg3.media.net 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
www.spokesman.com
4 hblg.media.net www.spokesman.com
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
4 a2.adform.net 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
s2.adform.net
4 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 pagead2.googlesyndication.com www.googletagservices.com
3 s2.adform.net a2.adform.net
s2.adform.net
www.spokesman.com
3 www.google-analytics.com www.googletagmanager.com
www.spokesman.com
2 csync.loopme.me 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 warp.media.net 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
2 qsearch-a.akamaihd.net www.spokesman.com
2 js.matheranalytics.com 1 redirects www.spokesman.com
2 www.googletagmanager.com www.spokesman.com
www.googletagmanager.com
1 az416426.vo.msecnd.net loader-cdn.azureedge.net
1 res-a.akamaihd.net 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
1 cdn.wgchrrammzv.com loader-cdn.azureedge.net
1 polyfill.io loader-cdn.azureedge.net
1 www.google.com.au www.spokesman.com
1 www.google.com www.spokesman.com
1 loader-cdn.azureedge.net static.spokesman.com
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.com.au securepubads.g.doubleclick.net
1 p.flipp.com cdn-gateflipp.flippback.com
1 cdn-gateflipp.flippback.com www.spokesman.com
1 www.spokesman.com
1 spokesman.com 1 redirects
1 service7-coinbase.com 1 redirects
0 cdn.pranmcpkx.com Failed loader-cdn.azureedge.net
0 cdn.o1ych4jb.com Failed loader-cdn.azureedge.net
0 cdn.mircheigeshoa.com Failed loader-cdn.azureedge.net
115 41
Subject Issuer Validity Valid
spokesman.com
Amazon RSA 2048 M02		 2023-02-21 -
2023-08-18		 6 months crt.sh
*.flippback.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-07-29		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
flipp.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-09-28		 7 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-01-13		 10 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-10-25 -
2023-10-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
sni2bf2bgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh

This page contains 11 frames:

Primary Page: https://www.spokesman.com/
Frame ID: 5EC24073DA37765607EF82AA8A18BDC1
Requests: 52 HTTP requests in this frame

Frame: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B14FB8B15C5984F195A5DC6EB33CCA92
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufUz3BVi2Ziwgta1qyQW1mM2nwGUcavbrA8B3HHpvTY0bH3ZOt1fdVRAaeqJaP5V0aDq6x8HyJpkN2Q7tmEc_sSaKCYvMgVCLMFaH_7iGuP5qjENAu8rvIR7myT47CaA_J7crGcIqiAoLiyTD35a7ryMLPAyfgricICvQ8lxDXVCp2nVRMhxUoNIXdQyvistRG_2mvaqCb0YF9QhFqcYVHL67blxdgp0KVi-nrx2Y3sRsAoHhNU-uKIBvix_j-44RCmnudeElgkgEiwvH36BtpZ4Hiz0LKjXdXbwUTifrR02MVFeGxF3fScDWWUr89dlcjv2EVXYgsBwFJOLXrv728SohUokwGHDv5LqMihyaLo1CXZvB4JQ&sai=AMfl-YRWQS57K97jBWuz3UddZk1om0dvratvv6XyghBckVfg2S0b_c3kYo1q3Wj6ICU0B-bSJPOZEXcrSFKiUELsbRBLGQydhAgHlbjbCGBFP27cgVZOA2wg0CpSsfx0RYapgIx67FSNS8BF7V-MsAY&sig=Cg0ArKJSzLmPIg4-BVgVEAE&uach_m=[UACH]&adurl=
Frame ID: 1F956D477CE1C3016CC8EB66BEF5EEC7
Requests: 8 HTTP requests in this frame

Frame: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 90A1579FB9EBF4147E56F55FA014DC22
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstE6MuPFmOdogLfbd350ogpO5B0EIruuN_9hNYeO05MYhLFhruhGJLAxofJR59dcfHZdd7NBX_KSfgLyDJu0tZnRMHaXx0wdwm_rM4zHPkNOY2CnYYpCOgkGhXb0gI4lb-e1Pjd2wznFiB2I5j3Sl9i-F5QHZVMXI5sTWEBHkxvjwWyzXJpLFRGj5_5qYGtF8xzZiwjPqpDN0laC8AyMqc-3tDAr0UlniAv3md9wTBpLcqO7an4DOg-6UtnJSuSxMzsYdk8Q3vLEWFfS1grQzQOM6Y9neSIDHxPb5tT4k6Dl4PLQegAOYDOcvAyQwbGKtPEgEJAZoAFyWpSdYYyzByug&sai=AMfl-YQ8ecPwoW9eU6rc5KwkYjIDE7w77X1QL7easAcaEH2Ueg2pTPQPxSlMG0w8_kP1zR5Jrvy4v_ycY81GwSQSev_R51XszBkb5It_z9e7YCpzcgIgof3ERb_fnhAVK8N35UJTTJZ4DQSJzLJdUUA&sig=Cg0ArKJSzAhMZ36Uy_uiEAE&uach_m=[UACH]&adurl=
Frame ID: F47C4F89C06062F12053021B79BAAD3E
Requests: 8 HTTP requests in this frame

Frame: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 593ED2C01FD975073A9B5A52AA47705C
Requests: 14 HTTP requests in this frame

Frame: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 315168BF82F0956F902E22807787199B
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: EC2CF917E091906DCAF6038E7463921E
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 29BF1CAC3B0F4C6B13AFC90A095122C9
Requests: 4 HTTP requests in this frame

Frame: data://truncated
Frame ID: BB5E5B2027C139120834E05D6D89A7F7
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 66A548D0D0505772D9EBC925678F029A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Spokesman-Review | Local News, Business, Entertainment, Sports & Weather for Eastern WashingtonArrow-rightCameraThe Spokesman-Review NewspaperThe Spokesman-Review NewspaperThe Spokesman-ReviewClose

Page URL History Show full URLs

  1. http://service7-coinbase.com/ HTTP 307
    https://spokesman.com/ HTTP 301
    https://www.spokesman.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

115
Requests

90 %
HTTPS

0 %
IPv6

24
Domains

41
Subdomains

30
IPs

5
Countries

14516 kB
Transfer

17899 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://service7-coinbase.com/ HTTP 307
    https://spokesman.com/ HTTP 301
    https://www.spokesman.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1619 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
Request Chain 93
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIxNDE1MTQ5NjgyMjAzMjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELiy062GE-aTJ_uYgy9TkKk&google_cver=1
Request Chain 94
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3199c719-c11e-4aba-a9d9-c05273db00bb
Request Chain 95
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&ovsid=b1e30202-3f71-49e6-b63b-63130fd50bc4&type=loop&gdpr_consent=null&gdpr=0
Request Chain 97
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3199c719-c11e-4aba-a9d9-c05273db00bb
Request Chain 98
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&ovsid=549397d0-531e-41cd-a0fa-f7cb7a422702&type=loop&gdpr_consent=null&gdpr=0
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIxNDE1MTQ5NjgyMjA5MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELiy062GE-aTJ_uYgy9TkKk&google_cver=1

115 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.spokesman.com/
Redirect Chain
  • http://service7-coinbase.com/
  • https://spokesman.com/
  • https://www.spokesman.com/
243 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-52.mrs52.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
2a18a7f911b08ef4a30e288e57cf7a73c61aebc4946c8604b18a7ab96de6c187
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
80
cache-control
max-age=300
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 10 Mar 2023 01:57:39 GMT
referrer-policy
same-origin
server
nginx/1.22.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,Cookie
via
1.1 0a9fd9b1edd4fcf9c2536f0010f33152.cloudfront.net (CloudFront)
x-amz-cf-id
N0I2o2FK_zH-E_2JnOeC2J72hiHbrjV5Riwx93oGW4jSL4RJCfOZDA==
x-amz-cf-pop
MRS52-P3
x-amzn-trace-id
Root=1-640a8e92-29d4d0592e389286121dbdae
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noarchive

Redirect headers

age
1167
content-length
0
date
Fri, 10 Mar 2023 01:39:31 GMT
location
https://www.spokesman.com/
server
AmazonS3
via
1.1 b8924c6b1eac8fe7d9c9873915e5d06a.cloudfront.net (CloudFront)
x-amz-cf-id
bz_XY3XWy92K_cKV7ud25NmScoRU1AdiJ2IGfV6cnlt1_2Q-WqsDjQ==
x-amz-cf-pop
MRS52-C2
x-cache
Hit from cloudfront
sr-loader.png
thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/sr-loader.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-97.mrs52.r.cloudfront.net
Software
Thumbor/6.7.5 /
Resource Hash
ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 10:49:25 GMT
via
1.1 4d7b5de37aeab9fce259cf61156ea4a4.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
MRS52-C2
age
15952175
etag
"7b6592542ec6d8d4377eb143251c2f5b7d76aad9"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
11662
x-amz-cf-id
qERo96XU2X8aIQ-lC5_I2Th4s1FHSNxZYpN3HiAVH-T7oUnaPwwXTQ==
expires
Fri, 01 Sep 2023 10:49:25 GMT
style.min.4bb3e7338cf6.css
static.spokesman.com/sv3/css/ 		422 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/css/style.min.4bb3e7338cf6.css
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-36.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c95f546f0db11cefb219fe6216a0fddc73bd0644fc0d342ec0f49b0b052f6679

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 00:06:21 GMT
content-encoding
gzip
via
1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 00:00:43 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P1
age
179560
etag
W/"4bb3e7338cf6eaea32516446adff8ddb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
0cazyrY_-JrrkaIsuL3oSdFzvgu8QvVVtBwlETNUgq3oObGkchJNdw==
jquery.min.12b69d0ae6c6.js
static.spokesman.com/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/js/jquery.min.12b69d0ae6c6.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-36.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 11:51:03 GMT
content-encoding
gzip
via
1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront)
last-modified
Wed, 14 Sep 2022 00:47:07 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P1
age
14825278
etag
W/"12b69d0ae6c6f0c42942ae6da2896e84"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
zNFwEUHlnGwPpAP5-KUTVIczCYf-rHDX5oCowGN6y-DVgB-cUd_IHg==
critical.min.7f719ef7842f.js
static.spokesman.com/sv3/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/js/critical.min.7f719ef7842f.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-36.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ba65148259568967389d182b434f97e0da7b6cd83abf926a602433a340ca9d0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 00:48:24 GMT
content-encoding
gzip
via
1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 18:41:54 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P1
age
3287438
etag
W/"7f719ef7842f474e36e669c95955f7b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
RLmI0ADpuBS8beCw1CdsVMzU9IDIkFjJGR7OU-pZt8cHhF48554XEA==
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		64 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1194406
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-75.mrs52.r.cloudfront.net
Software
envoy /
Resource Hash
ce0f6cc88e852aa5a7affdbcef57f11de5bbfd72f4287f473c9b1893832b888c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:02 GMT
via
1.1 208f48681f6b479ae682201c08156bc2.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
MRS52-P1
vary
Origin,Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
3
x-amz-cf-id
KsvyNAaB5ns33h5_B6DqgjG2CzRhIp75tAe6Daj8eH2CKpEP_Z33TA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
1978da8b5ab803cfd4f19f5ab9c3cb0de14ba1dd666312ec9afb932d6063958a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27423
x-xss-protection
0
server
sffe
etag
"1506 / 260 of 1000 / last-modified: 1678403375"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Mar 2023 01:59:02 GMT
base_ads.b6d5845dec51.js
static.spokesman.com/ads/spokesman/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/ads/spokesman/base_ads.b6d5845dec51.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-36.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e93c85341a48fbccd80f6d316b0d45b3b951169f4390adfb5cf81609f4160d45

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 02:13:03 GMT
content-encoding
gzip
via
1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront)
last-modified
Thu, 25 Aug 2022 15:31:59 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P1
age
16674360
etag
W/"b6d5845dec51d4391b512b6bb304766d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
1BC2AAswI1PuI5kThdXHV14PQtuWA0Ecj8V6K11ZWpKYKEW_hlGuuQ==
day-clear.png
static.spokesman.com/sv3/img/weather/header-icons/new/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.spokesman.com/sv3/img/weather/header-icons/new/day-clear.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-36.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eaf1a8c6cabdead3a47f6ee65cdf7e397b13afb5c3ba959519cdb144812534a1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:08:20 GMT
via
1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 20:48:55 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P1
age
186643
etag
"d3b858ea96628e5a88eae296a67f7c74"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
13672
x-amz-cf-id
FvuNTybXo4dW0uCmFbY3wXtTRWdVNH8SmuFK8rtiQZGlCLYUnkS6tA==
gtm.js
www.googletagmanager.com/ 		138 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2392bd3ca80763ab369fe30a8958537c806820054c43937b5139e0b366815b1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52227
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 01:14:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Mar 2023 01:59:02 GMT
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4890a3c7a6d70985e71fb7178c58b8c3ff183e6edbb3f07a41affe5b897d3ae

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
6408263616e95.hires.jpg
media.spokesman.com/photos/2023/03/07/ 		6 MB
6 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2023/03/07/6408263616e95.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-49.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4f895942e85dc331685742c6497f2111ee9c9305a8222d4824e23d6d7bfaa5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
PDEnA7xhCR5aqWcn1Lls1n_wN1_UcPox
date
Fri, 10 Mar 2023 01:59:03 GMT
via
1.1 6a3d98aad6a6ea4a9a35b5590bdb3da6.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
1623
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
6493530
last-modified
Wed, 08 Mar 2023 06:22:50 GMT
server
AmazonS3
etag
"f7060423203420f75ba12768d2e08fa3"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
Tpy0SORzR0UUyE3oFapsc1l06aMfhVAbZbNmFHyKr9qUnmIMvHAWIA==
6407d0360eb74.hires.jpg
media.spokesman.com/photos/2023/03/07/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2023/03/07/6407d0360eb74.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-49.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6ac504e86e80bbe003b424f85206446c6a7dee7b452251550d9ec9ad6437f7f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
TOlWQ2syuGgD.T6wWQ1t5sc_Gyw4K4YT
date
Fri, 10 Mar 2023 01:59:03 GMT
via
1.1 6a3d98aad6a6ea4a9a35b5590bdb3da6.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
1623
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
1255303
last-modified
Wed, 08 Mar 2023 00:08:08 GMT
server
AmazonS3
etag
"47573750e14553ac68ab6669643a2bd3"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
JHyet2SFQ1iWB-OH4m03LdDLtzY4K9i5Qdkf0U2wliGbMbIyqZ57NQ==
64002306c4520.hires.jpg
media.spokesman.com/photos/2023/03/01/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2023/03/01/64002306c4520.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-49.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc788698340af3d23c61c6d8d7debe31f26bb8c44a6643058a84ca249983daa2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
11eXvK6XfPE__ledAzvPq.JwLKdgOdxm
date
Fri, 10 Mar 2023 01:59:03 GMT
via
1.1 6a3d98aad6a6ea4a9a35b5590bdb3da6.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
1623
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3167548
last-modified
Thu, 02 Mar 2023 05:01:24 GMT
server
AmazonS3
etag
"d213ba89ca35cc79ba51d2f399371b96"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
3zGJmC2pjKXGyAlK4IRrSje6QeDny_A0B6WwBe_oaESQ4Ty_v2NhkQ==
Screen_Shot_2023-02-27_at_5.32.23_PM.png
media.spokesman.com/video_images/2023/02/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/video_images/2023/02/Screen_Shot_2023-02-27_at_5.32.23_PM.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-49.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de6368d1df3c31f21d38cf9ef934bf948d96f1cd481d228a09e1d4199dcf1269

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
_FBIl2iySe1yPDYcgxOhiyaS1_h14r_8
date
Fri, 10 Mar 2023 01:59:04 GMT
via
1.1 6a3d98aad6a6ea4a9a35b5590bdb3da6.cloudfront.net (CloudFront)
last-modified
Tue, 28 Feb 2023 01:37:57 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P1
x-amz-server-side-encryption
AES256
etag
"3de926f84ca7f880331376a5e82f099b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1317825
x-amz-cf-id
blpZ2uL9LeOEe-SOTIjMaXNDyPS7_EOxHJVCLp_9EUUMqSMAtLkVVQ==
marchstrickletease.jpg
media.spokesman.com/then_now_images/ 		379 KB
380 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/then_now_images/marchstrickletease.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-49.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2703fd9d67156cd74739bedba02116ac66aa4fc4c8fdb9bb56f2af545d2875d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
LhYJZ5y2kL5ekCoqXlQRbIhtF0i8LET6
date
Fri, 10 Mar 2023 01:59:03 GMT
via
1.1 6a3d98aad6a6ea4a9a35b5590bdb3da6.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
1623
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
388013
last-modified
Mon, 09 Jan 2023 16:28:40 GMT
server
AmazonS3
etag
"f1ea00a42da301d4370bda1ddc452937"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
fJJfIt-2IIK8OXqqUJMZuEWtANlCvGpQ6Ctbund1fOXXiYcTvCWGTQ==
truncated
/ 		172 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44c448205f15c4f82a4dfe267d5a2efac45224543d44a7c073b167813d449fce

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
MercuryTextG3-Italic-Pro.edfe4723e09e.otf
static.spokesman.com/sv3/fonts/mercury/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/fonts/mercury/MercuryTextG3-Italic-Pro.edfe4723e09e.otf
Requested by
Host: static.spokesman.com
URL: https://static.spokesman.com/sv3/css/style.min.4bb3e7338cf6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-36.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6dfc02a8e6f295102871d721f23120a13077e491345a93614fcbb43867de3301

Request headers

Referer
https://static.spokesman.com/sv3/css/style.min.4bb3e7338cf6.css
Origin
https://www.spokesman.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 05:19:17 GMT
via
1.1 19a730cc6a361ccbbf99b2c18fe3d654.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
3616785
x-cache
Hit from cloudfront
content-length
98936
last-modified
Tue, 24 Jan 2023 21:26:08 GMT
server
AmazonS3
etag
"edfe4723e09ee8d5e8b042a82c5a2ef2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://www.spokesman.com
cache-control
max-age=31536000,public
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
5_AykEKF0s1Ax1fvawNHbZM5VBVEAvaoJQioKxiy5fkC1FLjDyeBmA==
640a6a43b8cb4.hires.jpg
thumb.spokesman.com/lZ65bxjsIivDpIpOdBEdz-BRMiU=/1170x658/smart/media.spokesman.com/photos/2023/03/09/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/lZ65bxjsIivDpIpOdBEdz-BRMiU=/1170x658/smart/media.spokesman.com/photos/2023/03/09/640a6a43b8cb4.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-97.mrs52.r.cloudfront.net
Software
Thumbor/6.7.5 /
Resource Hash
1372899d8efa3fab00201660d851103b2e441960efb6333f88057ba639e84aa9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 00:52:26 GMT
via
1.1 4d7b5de37aeab9fce259cf61156ea4a4.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
MRS52-C2
age
3999
etag
"3a1197948ae1fd3290c152369e09b2017fccfcf6"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
109064
x-amz-cf-id
ZlWY14p6u-neb8PCzQX_WxVzEgaiffX55wJoH6Qh-KMJ6Z0hv3mJyA==
expires
Mon, 04 Mar 2024 00:52:26 GMT
640a5c7c73db5.image.jpg
thumb.spokesman.com/qQiBQJ4BuiQZpIRiDbfwNy0Zm9Y=/530x298/smart/media.spokesman.com/photos/2023/03/09/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/qQiBQJ4BuiQZpIRiDbfwNy0Zm9Y=/530x298/smart/media.spokesman.com/photos/2023/03/09/640a5c7c73db5.image.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-97.mrs52.r.cloudfront.net
Software
Thumbor/6.7.5 /
Resource Hash
17acf455e2cfae82895405fccd76478c6d0149de9bbb5ea27b365ea91169313f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 22:53:57 GMT
via
1.1 4d7b5de37aeab9fce259cf61156ea4a4.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
MRS52-C2
age
11108
etag
"093025a7ca3ab983613c1b6aa726a4dcd8deae35"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
31082
x-amz-cf-id
RC90PyKKzuwNklu2j1D8vNQfnWaakWEIDYFH1yIBEr4cWYV0tClLHw==
expires
Sun, 03 Mar 2024 22:53:57 GMT
64093daf2d7b2.hires.jpg
thumb.spokesman.com/KtryMKmwHPeTqeTTxHE7u4vWhvk=/530x298/smart/media.spokesman.com/photos/2023/03/08/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/KtryMKmwHPeTqeTTxHE7u4vWhvk=/530x298/smart/media.spokesman.com/photos/2023/03/08/64093daf2d7b2.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-97.mrs52.r.cloudfront.net
Software
Thumbor/6.7.5 /
Resource Hash
8496d561d1048a1ab765f2bd9c75e2ab60359794bb636150cca515e187e4eeee

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 04:05:01 GMT
via
1.1 4d7b5de37aeab9fce259cf61156ea4a4.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
MRS52-C2
age
78844
etag
"d2c149904c67660f41ddc96bb4efdd04a68d22da"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
18300
x-amz-cf-id
GyrvflrTlgPiY4rnm1cT8MckIxPwH5wwlRp_sUDAbWujoCgXNp8YeA==
expires
Sun, 03 Mar 2024 04:05:01 GMT
6408c95302768.hires.jpg
thumb.spokesman.com/-lcSKCj71IWRLJbNPufPkvKBw4M=/530x298/smart/media.spokesman.com/photos/2023/03/08/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/-lcSKCj71IWRLJbNPufPkvKBw4M=/530x298/smart/media.spokesman.com/photos/2023/03/08/6408c95302768.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-97.mrs52.r.cloudfront.net
Software
Thumbor/6.7.5 /
Resource Hash
d206ac7a5d31faadb933717d02b03beb2b0245ad44fe0ec721801094dfc1f7ac

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 05:12:07 GMT
via
1.1 4d7b5de37aeab9fce259cf61156ea4a4.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
MRS52-C2
age
74818
etag
"925e3cbbd0e35cf6cbc24b7f956392faf77da56d"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
34342
x-amz-cf-id
ElRm8T0zKLu5RKCIPHry_Sj0YtQpjSIZpv1kfUJEBQ5JWQ_MogBHHw==
expires
Sun, 03 Mar 2024 05:12:07 GMT
pubads_impl_2023030601.js
securepubads.g.doubleclick.net/gpt/ 		393 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
835c46f680eda60ae7a5ebe49e9a7c9187e98bdb7f859226cdee3a03f178c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 19:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135664
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 09:35:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Mar 2024 19:07:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		95 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.spokesman.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e15f20e9ef9afb2d807e387e719bf1e183ac72a1ff378d2b28f79cc33efd9ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
x-xss-protection
0
expires
Fri, 10 Mar 2023 01:59:03 GMT
noncritical.min.21be32a1957d.js
static.spokesman.com/sv3/js/ 		1 MB
376 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/js/noncritical.min.21be32a1957d.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-36.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a2aee262821f014d61d9949b24dd6e194a702ae23c9e3661824e512e550ec09

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 17:17:50 GMT
content-encoding
gzip
via
1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront)
last-modified
Sat, 24 Sep 2022 00:06:57 GMT
server
AmazonS3
x-amz-cf-pop
MRS52-P1
age
14373677
etag
W/"21be32a1957dfe9740992b69551e2dbc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
FkToX-BBjxpoXmmVJw22hi5jbqaJ5HSfFWBsuTGUpdjXEv1GSx9SCA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Mar 2023 01:31:14 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1672
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 10 Mar 2023 03:31:14 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma20153/575681700/20/
Redirect Chain
  • https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1619
  • https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
148 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
a77ccf47a61b8eb1d83a4101826726c3b2b0e5b34eb9f2601785b4d1e513932c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:56:06 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Aug 2022 08:39:28 GMT
server
nginx
age
54180
etag
"0033e6720ea8d009cad21d1cffea7a41"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 05:22:38 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43903

Redirect headers

date
Fri, 10 Mar 2023 01:59:06 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
9-gc-uswest1-fhdg0977
js
www.googletagmanager.com/gtag/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
81a9acf215ecf4e6b814d427b782651fb5ea8a05388d374e35431cb50ba206b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78721
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 Mar 2023 01:59:06 GMT
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1194406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-61.sin5.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 10 Mar 2023 01:59:04 GMT
via
1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.spokesman.com
access-control-allow-credentials
true
x-amz-cf-id
IPIvzG0WicaKCuvAtBmwidGWpihsBq4TptarxUsfZqam7IBg1gIzew==
homepage.ba1889af7be1.json
static.spokesman.com/ads/spokesman/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/ads/spokesman/homepage.ba1889af7be1.json
Requested by
Host: static.spokesman.com
URL: https://static.spokesman.com/ads/spokesman/base_ads.b6d5845dec51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-36.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79fc30a3a4b255c915bba01c0691a5653ec71151821aedb5147898821927e362

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 12:12:08 GMT
content-encoding
gzip
via
1.1 19a730cc6a361ccbbf99b2c18fe3d654.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
4369619
x-cache
Hit from cloudfront
last-modified
Wed, 18 Jan 2023 01:03:07 GMT
server
AmazonS3
etag
W/"ba1889af7be1a2a7e8f93d1af49b39ef"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
https://www.spokesman.com
cache-control
max-age=31536000,public
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
x-amz-cf-id
cJOUk7yDZoU_sFb9WuMRVuFmFOSRC9mMAvYev5L8qDEFc7yPnAI0tw==
collect
www.google-analytics.com/g/ 		0
164 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-G3BY0LGVDL&gtm=45je3360&_p=1924062978&cid=1570723848.1678413547&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sid=1678413546&sct=1&seg=0&dl=https%3A%2F%2Fwww.spokesman.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=homepage
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.spokesman.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.spokesman.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		187 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4289773180863828&correlator=1216629649535520&eid=31072895%2C31072916&output=ldjh&gdfp_req=1&vrg=2023030601&ptt=17&impl=fifs&iu_parts=1009641%2CSpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100%2CSpokesmanDesktop_Homepage_Anchor_729x90%2CSpokesman_homepage_top_300x250%2CSpokesmanDesktop_Homepage_Dashboard_300x250%2CSpokesman_homepage_728x90%2CSpokesmanDesktop_homepage_1_728x90%2CSpokesmanDesktop_homepage_2_728x90%2CSpokesmanDesktop_homepage_3_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=1280x100%2C728x90%2C300x600%7C300x250%2C300x250%2C728x90%2C728x90%2C728x90%2C728x90&ifi=1&adks=2404035854%2C1337061979%2C3725654123%2C811898262%2C883754903%2C3635373852%2C2447737946%2C2531107668&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1678413546745&lmt=1678413546&dlt=1678413539864&idt=6423&adxs=160%2C436%2C1220%2C1151%2C436%2C244%2C244%2C244&adys=223%2C1110%2C340%2C1900%2C8551%2C4798%2C6140%2C6817&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.spokesman.com%2F&frm=20&vis=1&psz=1600x101%7C1600x-1%7C300x0%7C300x0%7C1600x0%7C1088x0%7C1088x0%7C1088x0&msz=1600x101%7C1600x-1%7C300x0%7C300x0%7C1600x0%7C1088x0%7C1088x0%7C1088x0&fws=4%2C516%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1570723848.1678413547&ga_sid=1678413547&ga_hid=1924062978&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
da938d67819ff68d15b6f947972f51cbb710c5db7544e86024de409f2398dc29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32468
x-xss-protection
0
google-lineitem-id
6212181527,6240252702,6230841246,-1,-2,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138421662004,138425764414,138424579123,-1,-2,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B14F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Mar 2023 01:59:07 GMT
expires
Sat, 09 Mar 2024 01:59:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		8 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-230256-14&cid=1570723848.1678413547&jid=1727373717&gjid=289790894&_gid=785647978.1678413547&_u=YCDAiEABBAAAAEACI~&z=767218612
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 10 Mar 2023 01:59:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1924062978&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAAAACI~&jid=1727373717&gjid=289790894&cid=1570723848.1678413547&tid=UA-230256-14&_gid=785647978.1678413547&gtm=45He3360n715P9SH6&cd7=Homepage&cd9=homepage&z=982294719
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 00:55:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3798
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&hier=Homepage&ptype=homepage&pubname=The%20Spokesman-Review&sec=Homepage&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=9d10ee23-0b38-43c1-a966-dbc243d380de&pid=0b86d3c3-8ee5-4782-8e13-0bb273894b2c&dtm=1678413547027&qnm=_matherq&visible=1&tabid=3378f285-23f7-4b1d-ac92-ed1d36840f08&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10776&tofa=1678413547&vid=1&lvidt=1678413547&duid=81db188d-f360-4f45-a86b-24846f74dca3&fp=3102469237&cid=ma20153&mrk=575681700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3ODQxMzUzNTc1MiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxNi4xbWIiLCJmc3RQYWludCI6IjYyNDAiLCJmZXRjaFMiOiIyMTk3IiwiZG9tYWluUyI6IjIxOTgiLCJkb21haW5FIjoiMjIyOSIsImNvbm5TIjoiMjIyOSIsImNvbm5FIjoiMzAzNSIsInNzbFMiOiIyNjI5IiwicmVxdVMiOiIzMDM1IiwicmVzcFMiOiI0MTA4IiwicmVzcEUiOiI0NTA2IiwiZG9tTG9hZCI6IjQxMTIiLCJkb21JbnRlciI6IjYyMjQiLCJkb21Mb2FkUyI6IjY5NDciLCJkb21Mb2FkRSI6IjY5NDgifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIxNTcwNzIzODQ4IiwicmVmVGltZSI6IjE2Nzg0MTM1NDcwMjYifV19
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 10 Mar 2023 01:59:08 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
loader.min.js
loader-cdn.azureedge.net/prod/spokesman/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Requested by
Host: static.spokesman.com
URL: https://static.spokesman.com/sv3/js/noncritical.min.21be32a1957d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7AC) /
Resource Hash
f86632279d90c9d73259e4a4acf59b20bf3afe6d7b5f0278766e1ce7d6645eb4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Mar 2023 01:59:09 GMT
content-encoding
gzip
content-md5
wroWZyaFsIVsr/c0P2WxbA==
age
19058
x-cache
HIT
content-length
11518
x-ms-lease-status
unlocked
last-modified
Thu, 02 Mar 2023 05:12:02 GMT
server
ECAcc (nwa/E7AC)
etag
0x8DB1ADCA8C3E608
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
106fc4d1-501e-0071-19c7-521195000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-230256-14&cid=1570723848.1678413547&jid=1727373717&_u=YCDAiEABBAAAAEACI~&z=1816633505
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.au/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-230256-14&cid=1570723848.1678413547&jid=1727373717&_u=YCDAiEABBAAAAEACI~&z=1816633505
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1F95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufUz3BVi2Ziwgta1qyQW1mM2nwGUcavbrA8B3HHpvTY0bH3ZOt1fdVRAaeqJaP5V0aDq6x8HyJpkN2Q7tmEc_sSaKCYvMgVCLMFaH_7iGuP5qjENAu8rvIR7myT47CaA_J7crGcIqiAoLiyTD35a7ryMLPAyfgricICvQ8lxDXVCp2nVRMhxUoNIXdQyvistRG_2mvaqCb0YF9QhFqcYVHL67blxdgp0KVi-nrx2Y3sRsAoHhNU-uKIBvix_j-44RCmnudeElgkgEiwvH36BtpZ4Hiz0LKjXdXbwUTifrR02MVFeGxF3fScDWWUr89dlcjv2EVXYgsBwFJOLXrv728SohUokwGHDv5LqMihyaLo1CXZvB4JQ&sai=AMfl-YRWQS57K97jBWuz3UddZk1om0dvratvv6XyghBckVfg2S0b_c3kYo1q3Wj6ICU0B-bSJPOZEXcrSFKiUELsbRBLGQydhAgHlbjbCGBFP27cgVZOA2wg0CpSsfx0RYapgIx67FSNS8BF7V-MsAY&sig=Cg0ArKJSzLmPIg4-BVgVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Mar 2023 01:59:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/ Frame 1F95 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
23460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 19:28:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 1F95 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
23461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 19:28:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F95 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Mar 2023 01:59:07 GMT
4308383205450472885
tpc.googlesyndication.com/simgad/ Frame 1F95 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4308383205450472885
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a1383e1ed8738bb62c30ec424ca3730b0fb0741da0814fa969e4764a06bde904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96648
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 18:34:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 09 Mar 2024 01:59:08 GMT
container.html
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 90A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Mar 2023 01:59:07 GMT
expires
Sat, 09 Mar 2024 01:59:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F47C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstE6MuPFmOdogLfbd350ogpO5B0EIruuN_9hNYeO05MYhLFhruhGJLAxofJR59dcfHZdd7NBX_KSfgLyDJu0tZnRMHaXx0wdwm_rM4zHPkNOY2CnYYpCOgkGhXb0gI4lb-e1Pjd2wznFiB2I5j3Sl9i-F5QHZVMXI5sTWEBHkxvjwWyzXJpLFRGj5_5qYGtF8xzZiwjPqpDN0laC8AyMqc-3tDAr0UlniAv3md9wTBpLcqO7an4DOg-6UtnJSuSxMzsYdk8Q3vLEWFfS1grQzQOM6Y9neSIDHxPb5tT4k6Dl4PLQegAOYDOcvAyQwbGKtPEgEJAZoAFyWpSdYYyzByug&sai=AMfl-YQ8ecPwoW9eU6rc5KwkYjIDE7w77X1QL7easAcaEH2Ueg2pTPQPxSlMG0w8_kP1zR5Jrvy4v_ycY81GwSQSev_R51XszBkb5It_z9e7YCpzcgIgof3ERb_fnhAVK8N35UJTTJZ4DQSJzLJdUUA&sig=Cg0ArKJSzAhMZ36Uy_uiEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Mar 2023 01:59:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/ Frame F47C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
23461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 19:28:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame F47C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
23461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 19:28:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F47C 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Mar 2023 01:59:07 GMT
3062688740530922722
tpc.googlesyndication.com/simgad/ Frame F47C 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3062688740530922722
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
cd876e84fbf0f219be31e05c20161da068fdf4419a35343f010e58e3146b22ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 08:22:00 GMT
x-content-type-options
nosniff
age
63427
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61415
x-xss-protection
0
last-modified
Fri, 24 Feb 2023 21:57:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Mar 2024 08:22:00 GMT
container.html
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 593E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Mar 2023 01:59:07 GMT
expires
Sat, 09 Mar 2024 01:59:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3151 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Mar 2023 01:59:07 GMT
expires
Sat, 09 Mar 2024 01:59:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 90A1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 02:16:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
171743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Mar 2024 02:16:44 GMT
/
a2.adform.net/adfscript/ Frame 90A1 		693 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/adfscript/?bn=62201998
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9a734522d40c7d247fad76eb0e347f7ed7229a04eaf5b011b3dd3afecf3ea4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
527
expires
-1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 90A1 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Mar 2023 01:59:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 593E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFXy56o4KZM_sNsaY1AbsjJjwCazX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTk3Nzk2NTIxMjIwMTQ3MjjIAQngAgCoAwGqBKcCT9B0IrBPN9i7YSy0dlL-cD9dVAvhqBLaYqlH5ETJ2xx_HwfrlClBHbqFHaN7XHjUakMUJgfnS4sk_FX5GjfRP68j7ckoAZntgZyFjk9V96elR_LEzeV2YUmh66WCVlNteGmu7tf74stk7RJo7i6sfTEIrm14qSglo8np49TWMLGsoDvFkkCsB08Ze-a3okpmO4ILtM57WNTo-oEva6jYlPrSHcW0OpRvP9h1-lIvjkdWgCChVET8Pk8cH69m18ULECR5zkKnTRa1S1ArC1McR2wz4lAXQdesTq2xIm_7EivvY6tIfNYdBYrKa9N_DiyeniKh5RzQuwfahUteMXigiMzBfiWvoNEx9DPAK9x_oFW4oyxyQRiHDTKP3PK36fX2narc57yQuOAEAYAG85m-tYqp85s6oAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTc3OTY1MjEyMjAxNDcyOBi5igY&sigh=P0GCXLdQ4tY&uach_m=[UACH]&cid=CAQSSwDUE5ymrPqVgfe_diBUqdGotc3TcaILJ69Ob6gSG4dmlzTOA_S35d6ejsu3qlkI1X0uHA3VFvnjQhH9jxTHxSKODTT-K9FToUTWIBgB
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
log
hblg.media.net/ Frame 593E 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=5586c0349fd944f4a8beebe9e6f51a53&bidrestime=1678413547080&cbdp=0.02&ogbdp=0.05&prvReqId=7341914241899_101854509_52982010423131&pvid=313&scrid=1700080807683400300025000000500&size=300x250&slotVisibility=2&viewability=46&app=0&cc=AU&cid=8CU3SX34C&csip=rtb-common-istio-86d7b6879f-flc97.SG&device_id=4&dn=spokesman.com&itype=ADX&mang=1&requrl=https%3A%2F%2Fwww.spokesman.com&dtc=apac_sg&zone=b&commit_id=bd539c93&ugd=4&ctr=7.2118855E-5&rme=nurl
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:08 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 10 Mar 2023 01:59:08 GMT
log
qsearch-a.akamaihd.net/ Frame 593E 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=20&splid=&app_type=&bdr_typ=1&ogerpm=0.05&dn=spokesman.com&stid=div-gpt-ad-1493397478135-0&other_prv=313&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.64+Safari%2F537.36&jar_err=&buyer_id=&bdp_wider_bucket=1&adtyp=0&acid=5586c0349fd944f4a8beebe9e6f51a53&req_id=Fq9r1EbeSLSDliV2spCepg&bidfp=0.0100&pvag_id=&ugd=4&zone=b&infl=&o_ver=NT+10.0&br_ver=111.0.5563.64&exp=&deal_id=&ver=9.2.4&totalTimeBucket=2&visibility=2&fdbk_id=&second_bidder=*&totalTime=2465300&e_rpm=&dmm_m22=0.0500&gpid_format=&gdpr=&vsid=&seat=BID_API&rc=-1&size=300x250&f_seg=&prdp=&gpid_sent=false&ogerpm_used=false&sfm_key=&cid=8CU3SX34C&bcrid=1700080807683400300025000000500&ogcbdp=0.0500&dfpbd=&server=6&ogerpm_wd_bkt=0-1&viewability=0.46&rawbid=0.05&dmm_r=&dmm_l=&sub_bidder=196&tcyerpm=&sc=AU-NSW&send_erpm=false&pst=EMS&sd=&hb_exp=&pbshr=100.0000&seg=&dmm_d10=&o_id=101&clisp=rtb-common-istio-86d7b6879f-flc97.SG&adblk=811898262&ugd_ver=&requrl=spokesman.com&itype=adx&pvid_seat=313_BID_API&bidrestime=0&cc=AU&strg=smm_migration_test&ss=&cliIP=0&advurl=topics.businessfocus.online%2F&crid=529820104&time_stamp=2023-03-10+01%3A59%3A07&sat=1&rvshhon=&bdp=0.0500&br_id=265&ct=beaconsfield&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.0&sc_pvid=313&capd=&asn=54203&algo=&other_bids=0.05&dc=apac_sg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.87.193.156 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Mar 2023 01:59:08 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 10 Mar 2023 01:59:08 GMT
nmedianet.js
contextual.media.net/ Frame 593E 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1302c52196ad43b30017f9a7ebe906b512c2f5179756c3f6e546b903f67627fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-mnt-h
22-plrp
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 10 Mar 2023 01:59:08 GMT
server
Apache
etag
"432c0dfe52fb6b1882ffe38d375fbc91"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-0br1
timing-allow-origin
*
expires
Fri, 10 Mar 2023 02:04:08 GMT
release-20230309-85-adperformance.js
warp.media.net/rtb/resources/ Frame 593E 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230309-85-adperformance.js
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
b8efe4a0e6a6754322fe6c09529fab576b5fbfb7ea28c17fe3fac6ee8de5e155
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Fri, 10 Mar 2023 01:59:08 GMT
x-guploader-uploadid
ADPycduESgXjH3ti7HOkc2b1BZ2Mol2Lz3RSFFHPuy-7DUT72YACYwhMDt4-m60IxpAmYyF90XNjlCGPyEibJAEK5-88Mw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25043
server
UploadServer
etag
"8b46dc3324670db478550a2f61df9038"
vary
Accept-Encoding
x-goog-hash
md5=i0bcMyRnDbR4VQovYd+QOA==, crc32c=066A6Q==
content-type
application/javascript
x-goog-generation
1678368838889315
cache-control
max-age=3600
x-goog-stored-content-length
73000
expires
Fri, 10 Mar 2023 02:59:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 593E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/window_focus_fy2021.js
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
23462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 19:28:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 593E 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 18:40:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
26338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 18:40:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 593E 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 02:16:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
171743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Mar 2024 02:16:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 593E 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Mar 2023 01:59:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3151 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CktNs6o4KZNLsNsaY1AbsjJjwCazX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTk3Nzk2NTIxMjIwMTQ3MjjIAQngAgCoAwGqBJoCT9CLXRwJske3CEhmkWTlVpiUj3V3R47JVMTbv5iQ3RzS5X-5PbrAPNNEzsBiKEOPUfr-8Z6W5iXC98S6_TUqbxT6xMl6P6dG1zifkGRBInxHq8AinvQC03w7Q82J3AFrcGWcrZggnkcdnq-UPn0XIWUSSFiXrs4HJu7su5AnQ0v5ZZh5FPdbb-n7DMtqvlNu4Abm4X1jJPWzwBiug0zD6mrXvnJpr57IHdBssyYbb4zgyc2JIoTiGyJktguwKB8Akh47HlLWGiWXXOiaPwz18uDfidUPYcQNbgk7_i75CJfCYIgMHbaYPa3yOcvL2lvPpnVdB0U42WmEMJaEu4oD_DeIaxxs7fVyOwOYVSMhqetGdedpCZ2DUJKk4AQBgAaG1be3q_22pPgBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTc3OTY1MjEyMjAxNDcyOBi5igY&sigh=wJf035yGyaY&uach_m=[UACH]&cid=CAQSSwDUE5ymrPqVgfe_diBUqdGotc3TcaILJ69Ob6gSG4dmlzTOA_S35d6ejsu3qlkI1X0uHA3VFvnjQhH9jxTHxSKODTT-K9FToUTWIBgB
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
log
hblg.media.net/ Frame 3151 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=d5570c8072724f489369bebe56727379&bidrestime=1678413547063&cbdp=0.02&ogbdp=0.02&prvReqId=16446259332462_1996122979_52982010413131&pvid=313&scrid=1700080812610100728009000000500&size=728x90&slotVisibility=2&viewability=12&app=0&cc=AU&cid=8CU3SX34C&csip=rtb-common-istio-86d7b6879f-dfg7z.SG&device_id=4&dn=spokesman.com&itype=ADX&mang=1&requrl=https%3A%2F%2Fwww.spokesman.com&dtc=apac_sg&zone=b&commit_id=bd539c93&ugd=4&ctr=3.1229505E-5&rme=nurl
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:08 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 10 Mar 2023 01:59:08 GMT
log
qsearch-a.akamaihd.net/ Frame 3151 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=20&splid=&app_type=&bdr_typ=1&ogerpm=0.01&dn=spokesman.com&stid=div-gpt-ad-1452211202205-1&other_prv=313&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.64+Safari%2F537.36&jar_err=&buyer_id=&bdp_wider_bucket=1&adtyp=0&acid=d5570c8072724f489369bebe56727379&req_id=URYWHVW__UpJIv3774KtJg&bidfp=0.0100&pvag_id=&ugd=4&zone=b&infl=&o_ver=NT+10.0&br_ver=111.0.5563.64&exp=&deal_id=&ver=9.2.4&totalTimeBucket=2&visibility=2&fdbk_id=&second_bidder=*&totalTime=2065829&e_rpm=&dmm_m22=0.0100&gpid_format=&gdpr=&vsid=&seat=BID_API&rc=-1&size=728x90&f_seg=&prdp=&gpid_sent=false&ogerpm_used=false&sfm_key=&cid=8CU3SX34C&bcrid=1700080812610100728009000000500&ogcbdp=0.0200&dfpbd=&server=6&ogerpm_wd_bkt=0-1&viewability=0.12&rawbid=0.02&dmm_r=&dmm_l=&sub_bidder=196&tcyerpm=&sc=AU-NSW&send_erpm=false&pst=EMS&sd=&hb_exp=&pbshr=100.0000&seg=&dmm_d10=&o_id=101&clisp=rtb-common-istio-86d7b6879f-dfg7z.SG&adblk=2447737946&ugd_ver=&requrl=spokesman.com&itype=adx&pvid_seat=313_BID_API&bidrestime=0&cc=AU&strg=smm_migration_test&ss=&cliIP=0&advurl=topics.businessfocus.online%2F&crid=529820104&time_stamp=2023-03-10+01%3A59%3A07&sat=1&rvshhon=&bdp=0.0200&br_id=265&ct=beaconsfield&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.0&sc_pvid=313&capd=&asn=54203&algo=&other_bids=0.02&dc=apac_sg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.87.193.156 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Mar 2023 01:59:08 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 10 Mar 2023 01:59:08 GMT
nmedianet.js
contextual.media.net/ Frame 3151 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c9d78489367e0012068f3062d5b7c15318205bffca970ad5f4ee608aa56dd61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-mnt-h
22-plrp
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 10 Mar 2023 01:59:08 GMT
server
Apache
etag
"432c0dfe52fb6b1882ffe38d375fbc91"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-0br1
timing-allow-origin
*
expires
Fri, 10 Mar 2023 02:04:08 GMT
release-20230309-85-adperformance.js
warp.media.net/rtb/resources/ Frame 3151 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230309-85-adperformance.js
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
b8efe4a0e6a6754322fe6c09529fab576b5fbfb7ea28c17fe3fac6ee8de5e155
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Fri, 10 Mar 2023 01:59:08 GMT
x-guploader-uploadid
ADPycduESgXjH3ti7HOkc2b1BZ2Mol2Lz3RSFFHPuy-7DUT72YACYwhMDt4-m60IxpAmYyF90XNjlCGPyEibJAEK5-88Mw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25043
server
UploadServer
etag
"8b46dc3324670db478550a2f61df9038"
vary
Accept-Encoding
x-goog-hash
md5=i0bcMyRnDbR4VQovYd+QOA==, crc32c=066A6Q==
content-type
application/javascript
x-goog-generation
1678368838889315
cache-control
max-age=3600
x-goog-stored-content-length
73000
expires
Fri, 10 Mar 2023 02:59:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 3151 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/window_focus_fy2021.js
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 19:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
23462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 19:28:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 3151 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 18:40:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
26338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 18:40:09 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3151 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 02:16:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
171743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Mar 2024 02:16:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3151 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49657
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1678278820084806"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Mar 2023 01:59:08 GMT
truncated
/ Frame 1F95 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea3a18259f10c2febe3e3e0510c8e43a544fd3833bd572eb8b0827c7b4672787

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 90A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuH9caNpskq7aLZqJmRiL8mYhF7EhFMRo6POkWtQ9pMHtyg_mCDG9URygx012s52mz4ZoaS82AncfwxDTUu6aHYdmT3jL7hkJNLnnAGywFAAulylo4TwL42T2nb5GG7MSY2kRrpzY_duwafwEse-TF-xDVQOYs0CiW4WFysdk-kxA7cpMQFHZL1UZrB_3DKnlOuw2TVh5FmL7iUm2pXopr1MHvjQ7ug2ctlfryaZ7ShgQinUUdoczYolM7jySrBM2YDwlWEnnAsKoZsrCnVGeo6S8WtFDMCyk_3bEp5ETHonOxFVh-S6dA5pBTbbk0DPguD7ioVjLbcLsDPq2A63h9v5Pofkler-uC6dw&sai=AMfl-YSzkMGupBG1ZWLqrmHIcw4o4fywo1uDJ5HGkUX4ZQOJEiMat1slneRCm3QF1dqJ_6BIgB2xi0ydrZz6HLipfQo3osY2y0bi-lMh4QTMsZ37TLFwJsnoNnfs88sf8YFGUwrAHmQB89akAXfypvs&sig=Cg0ArKJSzC_v_wpgIJhVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjIxMjE4MTUyNyIsImVidXkiOiIzMTQ1MTEwNzEwIiwiZWFkdiI6IjQ3OTUyNTI2ODMiLCJlY2lkIjoiMTM4NDIxNjYyMDA0IiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuRGVza3RvcF9TdXBlckxlYWRlckJvYXJkX0hvbWVQYWdlXzEyODB4MTAwIiwiZXNpZCI6bnVsbCwic2l6ZSI6IjEyODB4MTAwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=5d6f183d-fbc0-450c-841f-e9e0d89d8079&pid=0b86d3c3-8ee5-4782-8e13-0bb273894b2c&dtm=1678413547519&qnm=_matherq&visible=1&tabid=3378f285-23f7-4b1d-ac92-ed1d36840f08&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10776&tofa=1678413547&vid=1&lvidt=1678413547&duid=81db188d-f360-4f45-a86b-24846f74dca3&fp=3102469237&cid=ma20153&mrk=575681700
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 10 Mar 2023 01:59:08 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bootstrap.js
s2.adform.net/stoat/626/s2.adform.net/ Frame 90A1 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/adfscript/?bn=62201998
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8dea6a682731d582228cc56c40f06680c40983d7c99b1805945647194c3aac19

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:09 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE, BYPASS, STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 03 Feb 2023 15:58:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1F95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMylG0Pa-I3yCAtcNevwwjGw7bNh6V7daKrkEI5XkM6uozeJb1dv_NEkcZu8FRln32v5rjoFK85kEiXoF_9cuCpY4u3Cd7mLuJkMxqW9fDM_2Oszw4mkVyYizg9LJeo4b3w9WUTWgMeA2iF64lkHccN9n9PBYbws_faWkE1_0DhAM3Es4noAd0-xjRd5ueMRK7Lv67rzu0DKjCvXZ2WI60QICatGJFqA9n6YrJ0sBf6S5F761OtKzWBdUcaECA8Qi4EKUajGq_pIcYAVDg7gz4PU6vJhEBwZzI-EB0jpE1ZeHc4Zix8I5Bm0SGthxNQ6nQm-fKPS3rmhgcLjOvM_IpXFv8F2nSMx2_D1DmlHrkBhewah67Kixu&sai=AMfl-YQbYeM25yKs4ohowSVuD9M089txZ6_7g2e1VkM0cVW4Q2qiGqLLM3b0wXaa2pNrsmf3BiawXreW5Kqs5BXKTiVRAqM8PmJYQ0AT_8h0JWzXE4mRpBlYetbdEMvlDz_iQiR0bI3vAdz2AZUtw9Q&sig=Cg0ArKJSzBcFhxhecoj5EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Mar 2023 01:59:08 GMT
truncated
/ Frame F47C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
001d52d71e67131cd8f782de7697e56b94f0d54b94c06b98f04fbe04ae7b0ac2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F47C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4hwdvNpPlMvKOYONE1F8Hr_zeTe8wxReVRcK-T6EY9gDBaB2ffSFV1_VrjkXZz-vVIMbIhPvPRZ6JNmLEj2jGDpOQIETxjse9E-Y21nBIM538DUqLPwj7AE0VDKj0uIYqSZdeAagLpSsyx-Yir_fsSNpJdtrgDuh1qQ6rlfa8HlHwvRkMHz3YhP_CBp-cL-2ObENQ6-lgAjUMZdQoyCTMkOmLF4ZwakwI5N8b-SqhHSfxhbCcyfOxB0--nDOe8woDR9yfWNznGR-aCHPGIiCcntOKzk9ceUN6UneaFOylk0-x8bzgtLb1JUYmIHy88wAgZs_KrJ3nH9apukJqyeFCZwZt&sai=AMfl-YQN8GZowXnquW4bKh86ts5-znl9PAOTJWA6kEqNAjOrkQkXQd0aYP_xqZ0aKnuzV8mrwEWm3RkLgzxWFDNbSv7z3ipNmvRrS1lMmS65SgNg6D_E6Z2Q72Q_rxyCPYw5_MwrgDjPdNny_6IyLo4&sig=Cg0ArKJSzIPe5-4yxGjuEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Mar 2023 01:59:08 GMT
smtr
contextual.media.net/ Frame 593E 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=883899441&size=300x250&cc=AU&chnm=smm_migration_test&pid=8POHZR87R&tpid=T6KWR4T&https=1&vif=2&requrl=https%3A%2F%2Fwww.spokesman.com&nse=5&vi=1678413548833155214&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&itid=17&bae=B4xqNBNBNx&bcpf=8fOnRrolnfOur8B4xqNBNBNx&bdrId=313&bid=335315&ntv=0&matchstring=hr%3D0%7Cbcat%3D7%2Ch%2Cgo%2Ci2%2Chb%2Cmk%2Chg%7Ccsh%3D1&sff=0&kttle=SafeFrame%20Container&katpre=1&katbid=-103&pgid=p1239107074t202303100159&essld=uhA.fHX.f9i.9~KP~KPoIbp~GJ1NmzQk8JjO&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&isid=313&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a2ce5cb0f16f4232c4368407237460450be76795a2f93ed08b230d3eafd65310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-wgsq
timing-allow-origin
*
content-length
28905
expires
Fri, 10 Mar 2023 01:59:09 GMT
bping.php
lg3.media.net/ Frame 593E 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=703&&vgd_cdv=891&vgd_cage=0&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=883899441&vi=1678413548833155214&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=170785098&r=1678413549005&requrl=https%3A%2F%2Fwww.spokesman.com&ssld=%7B%22QQ8E%22%3A%22uhA.fHX.f9i.9%22%2C%22QQNN%22%3A%22KP%22%2C%22QQQN%22%3A%22KPoIbp%22%2C%22QQN75%22%3A%22GJ1NmzQk8JjO%22%7D&vgd_bid=335315&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1678413548143850036&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_itype_id=17&vgd_pgid=p1239107074t202303100159&vgd_pgids=1&vgd_uspa=0&hvsid=00001678413549003029185682205260&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Fri, 10 Mar 2023 01:59:09 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 10 Mar 2023 01:59:09 GMT
checksync.php
contextual.media.net/ Frame EC2C 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
089ef3abcb9a867d1d9c058fffcaa0e412f6e813ff50687c54a5ee05ea596c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9546
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 01:59:09 GMT
expires
Sun, 12 Mar 2023 01:59:09 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 593E 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4800&lper=1&itypeid=17&itype=ADX&cc=AU&cid=8CU3SX34C&reqid=Fq9r1EbeSLSDliV2spCepg&vid=Fq9r1EbeSLSDliV2spCepg&dn=spokesman.com&rawDn=spokesman.com&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.spokesman.com&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=AU-NSW&ct=beaconsfield&zip=2015&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-86d7b6879f-flc97.SG&dtc=apac_sg&zone=b&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=54203&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddcTkKX-NvdPW9ll-RTwxWat8EHAK3185_QN2mFR63G9fsIOVPMgPrI0-oaunfdFfPCB&pexid=ADX-pub-9779652122014728&geoll=false&is_ortb=false&s_ip=74.125.190.132&s_city=singapore&commit_id=bd539c93&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-03-09+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=AU&ipcc=AU&rtttime=78&pvid=313&prvAccId=883899441&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=529820104&prspt=headerBid&prvReqId=7341914241899_101854509_52982010423131&reqsize=300x250&size=300x250&chnl=smm_migration_test&bdp=0.050&cbdp=0.02&og_cbdp=0.050&ogbdp=0.05&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.02&dt=O&dbf=1&epc=883899441&s=1&snm=SUCCESS&pcrid=8CUABW64L-883899441-10-27&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=46&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1678413547080&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.05&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080807683400300025000000500&strg=smm_migration_test&stagid=div-gpt-ad-1493397478135-0&vls=0&scrid=1700080807683400300025000000500&mang=1&pvdTmax=252&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUABW64L&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=250x250%7C300x250&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=ddc45ef88c&acid=5586c0349fd944f4a8beebe9e6f51a53&rtime=31.0&wsip=mowx-istio-84c49598b6-qj5tp&ltime=72.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=811898262&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=cid_abk_div&mowxReqId=5586c0349fd944f4a8beebe9e6f51a53_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=7.2118855E-5&ctr_vendor=EXCHANGE&rfc=-1&dfpDiv=div-gpt-ad-1493397478135-0&feedback_id=Fq9r1EbeSLSDliV2spCepg&supplyTagId=811898262&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=73&debug_ts=2023-03-10+01%3A59%3A07&__expireat=1678414147334&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.05~vw_exc%3D0.46~smm_bid%3D0.02~vis_sd%3D236~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2023030915~iurl_b%3D889.26~url_tkc%3D0~std%3Ddiv-gpt-ad-1493397478135-0~last%3D~vis_url_b%3D0.54~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D10~riipua%3D6%2C6~et%3D18~rc%3D1~rps_sd%3D2023030921~vis_b%3D446.31~url_b%3D1.12~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D51.3909~url_l%3D20~gcat%3D501009~bb%3D196~vv%3D0~smm_mul%3D0.49~l2r_b%3D1000~erpm%3D0.05~vl2r_url_kc%3D0E0~bm%3D1~smm_sd%3D2023030911~sid%3D883899441~sd%3D0~uid%3D1HeXvpAns0rZwaqAMW~btd%3D2255869316524021344926186513759478512954335547402455380849680551453425595873435134655094334682365952~d2p_l%3D10~3pcf%3D1000.02~uim%3D0~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.99~ogd2p_b%3D0.98~vurl_b%3D1.59~ss%3DNA~cc%3DAU~uiw%3D-1~ce%3D0~rps_b%3D40.35~vurl_l%3D20~CI%3D2870~nts%3D2~tb%3D-1~ct%3Dbeaconsfield~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.63~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D2.57~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.46%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-9779652122014728%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D811898262%7Esobp%3D%7Ectr%3D7.2118855E-5%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.050%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Ddiv-gpt-ad-1493397478135-0%7Edetected_tag_id%3Ddiv-gpt-ad-1493397478135-0%7Esmm_api%3Dv1~ibc%3D1~nsz%3D2~tgs%3D250x250%7C300x250~bsb%3D0~bsp%3D0~tmx%3D252&utime=1932&sf=0&cpr=0.43225878031879317
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 10 Mar 2023 01:59:09 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Fri, 10 Mar 2023 07:59:09 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjI0MDI1MjcwMiIsImVidXkiOiIzMTY1MTY1MzA4IiwiZWFkdiI6IjUyNzg5MDk4ODkiLCJlY2lkIjoiMTM4NDI1NzY0NDE0IiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuRGVza3RvcF9Ib21lcGFnZV9BbmNob3JfNzI5eDkwIiwiZXNpZCI6bnVsbCwic2l6ZSI6IjcyOHg5MCIsInJlbmRlcmVkIjoiMSJ9&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=aae2889c-776e-4254-b92c-f15ba4a01441&pid=0b86d3c3-8ee5-4782-8e13-0bb273894b2c&dtm=1678413547520&qnm=_matherq&visible=1&tabid=3378f285-23f7-4b1d-ac92-ed1d36840f08&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10776&tofa=1678413547&vid=1&lvidt=1678413547&duid=81db188d-f360-4f45-a86b-24846f74dca3&fp=3102469237&cid=ma20153&mrk=575681700
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 10 Mar 2023 01:59:09 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
truncated
/ Frame 593E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
391f78059d9a0d78e4e6dc3f698b1d33033c68929df0fa8d9bc4f91976fce24b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
smtr
contextual.media.net/ Frame 3151 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=721135687&size=728x90&cc=AU&chnm=smm_migration_test&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.spokesman.com&nse=5&vi=1678413548334968522&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&itid=17&bae=B4xqNBNBNx&bcpf=B4xqNBNB8fOnRrolnfOur8Nx&bdrId=313&bid=340257&ntv=0&matchstring=hr%3D0%7Cbcat%3D7%2Ch%2Cgo%2Ci2%2Chb%2Cmk%2Chg%7Ccsh%3D1&sff=0&kttle=SafeFrame%20Container&katpre=1&katbid=-103&pgid=p1239107074t202303100159&essld=uhA.fHX.f9i.9~KP~KPoIbp~GJ1NmzQk8JjO&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&isid=3131&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4b598e4eef7edbc813d6fe504a030fecb3d812617599396d160100d6950ddc0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-r96j
timing-allow-origin
*
content-length
28953
expires
Fri, 10 Mar 2023 01:59:09 GMT
bping.php
lg3.media.net/ Frame 3151 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=703&&vgd_cdv=891&vgd_cage=0&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=721135687&vi=1678413548334968522&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=170785098&r=1678413549188&requrl=https%3A%2F%2Fwww.spokesman.com&ssld=%7B%22QQ8E%22%3A%22uhA.fHX.f9i.9%22%2C%22QQNN%22%3A%22KP%22%2C%22QQQN%22%3A%22KPoIbp%22%2C%22QQN75%22%3A%22GJ1NmzQk8JjO%22%7D&vgd_bid=340257&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1678413548198394546&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_itype_id=17&vgd_pgid=p1239107074t202303100159&vgd_pgids=1&vgd_uspa=0&hvsid=00001678413549186029185682202540&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Fri, 10 Mar 2023 01:59:09 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 10 Mar 2023 01:59:09 GMT
checksync.php
contextual.media.net/ Frame 29BF 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
089ef3abcb9a867d1d9c058fffcaa0e412f6e813ff50687c54a5ee05ea596c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9546
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 01:59:09 GMT
expires
Sun, 12 Mar 2023 01:59:09 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 3151 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4761&lper=1&itypeid=17&itype=ADX&cc=AU&cid=8CU3SX34C&reqid=URYWHVW__UpJIv3774KtJg&vid=URYWHVW__UpJIv3774KtJg&dn=spokesman.com&rawDn=spokesman.com&pid=8PR113JGC&ugd=4&fleet=common-istio&requrl=https%3A%2F%2Fwww.spokesman.com&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=AU-NSW&ct=beaconsfield&zip=2015&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-istio-86d7b6879f-dfg7z.SG&dtc=apac_sg&zone=b&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=54203&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddc2Bg-sMwtsApeM2WYXqK5ebzgGLalKSq_QpTMxjIPV9mfMAIXXkijU2_zUvK1L-uUM&pexid=ADX-pub-9779652122014728&geoll=false&is_ortb=false&s_ip=74.125.190.143&s_city=singapore&commit_id=bd539c93&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-03-09+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=AU&ipcc=AU&rtttime=49&pvid=313&prvAccId=721135687&prvApiId=8CUABW64L&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=529820104&prspt=headerBid&prvReqId=16446259332462_1996122979_52982010413131&reqsize=728x90&size=728x90&chnl=smm_migration_test&bdp=0.020&cbdp=0.02&og_cbdp=0.020&ogbdp=0.02&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.02&dt=O&dbf=1&epc=721135687&s=1&snm=SUCCESS&pcrid=8CUABW64L-721135687-10-10&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=12&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1678413547063&fpuReq=0&bfs=103&acsn=1&ybnca_erpm=0.01&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080812610100728009000000500&strg=smm_migration_test&stagid=div-gpt-ad-1452211202205-1&vls=0&scrid=1700080812610100728009000000500&mang=1&pvdTmax=253&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&apTags%3C%3E=75&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUABW64L&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUABW64L&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=728x90&mx_bsProfileRa=0&mx_IAB2=0&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=0&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=false&mx_commit_id=ddc45ef88c&acid=d5570c8072724f489369bebe56727379&rtime=36.0&wsip=mowx-istio-84c49598b6-fpw5z&ltime=44.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=2447737946&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=cid_abk_div&mowxReqId=d5570c8072724f489369bebe56727379_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=3.1229505E-5&ctr_vendor=EXCHANGE&rfc=-1&dfpDiv=div-gpt-ad-1452211202205-1&feedback_id=URYWHVW__UpJIv3774KtJg&supplyTagId=2447737946&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=44&debug_ts=2023-03-10+01%3A59%3A07&__expireat=1678414147315&mview=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D20~ogerpm%3D0.01~vw_exc%3D0.12~vis_sd%3D236~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2023030920~iurl_b%3D897.09~url_tkc%3D0~std%3Ddiv-gpt-ad-1452211202205-1~last%3D~vis_url_b%3D0.41~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D6%2C6~et%3D35~rc%3D2%2C1~rps_sd%3D2023030920~vis_b%3D143.81~url_b%3D1.11~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~smm_wr%3D60.6845~url_l%3D20~gcat%3D501009~bb%3D196~vv%3D0~smm_mul%3D2~l2r_b%3D1000~erpm%3D0.01~vl2r_url_kc%3D0E0~bm%3D1~smm_sd%3D2023030911~sid%3D721135687~sd%3D0~uid%3DawuKzkKFqr2cAHXKF~btd%3D1162377453449575188140990469448649607726950222085479746925668768512820064835666836717670957921406976~d2p_l%3D10~3pcf%3D1000~uim%3D0~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.98~ogd2p_b%3D0.98~vurl_b%3D1.59~ss%3DNA~cc%3DAU~uiw%3D-1~ce%3D0~rps_b%3D56.72~vurl_l%3D20~CI%3D2870~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~bss_KTW%3DNA%2CNA~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.63~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.76~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.12%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dsmm_migration_test%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-9779652122014728%7Edalg%3Dsmm%7Ehtml%3D1%7Eadblk%3D2447737946%7Esobp%3D%7Ectr%3D3.1229505E-5%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Ddiv-gpt-ad-1452211202205-1%7Edetected_tag_id%3Ddiv-gpt-ad-1452211202205-1%7Esmm_api%3Dv1~ibc%3D1~nsz%3D1~tgs%3D728x90~bsb%3D0~bsp%3D0~tmx%3D253&utime=2131&sf=0&cpr=0.3598120437835075
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 10 Mar 2023 01:59:09 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Fri, 10 Mar 2023 07:59:09 GMT
truncated
/ Frame 3151 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac5ff3bccee29a689763765b04ac00a3b024ef17476779bface1f4cc355d0f1e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
polyfill.min.js
polyfill.io/v3/ 		101 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.spokesman.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Mar 2023 01:59:09 GMT
age
264474
detected-user-agent
Chrome/111.0.0
useragent_normaliser
chrome/111.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Sun, 05 Mar 2023 16:54:09 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
normalized-user-agent
chrome/111.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
cksync
cs.media.net/ Frame EC2C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIxNDE1MTQ5NjgyMjAzMjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELiy062GE-aTJ_uYgy9TkKk&google_cver=1
237 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELiy062GE-aTJ_uYgy9TkKk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Fri, 10 Mar 2023 01:59:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELiy062GE-aTJ_uYgy9TkKk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame EC2C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3199c719-c11e-4aba-a9d9-c05273db00bb
237 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3199c719-c11e-4aba-a9d9-c05273db00bb
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Fri, 10 Mar 2023 01:59:10 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3199c719-c11e-4aba-a9d9-c05273db00bb
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame EC2C
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
  • https://contextual.media.net/cksync.php?cs=1&ovsid=b1e30202-3f71-49e6-b63b-63130fd50bc4&type=loop&gdpr_consent=null&gdpr=0
237 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=b1e30202-3f71-49e6-b63b-63130fd50bc4&type=loop&gdpr_consent=null&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 10 Mar 2023 01:59:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Fri, 10 Mar 2023 01:59:10 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&ovsid=b1e30202-3f71-49e6-b63b-63130fd50bc4&type=loop&gdpr_consent=null&gdpr=0
date
Fri, 10 Mar 2023 01:59:10 GMT
server
_
content-length
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjIzMDg0MTI0NiIsImVidXkiOiIzMTU5MTEyNDg3IiwiZWFkdiI6IjQ5Mzc5NTcwMDYiLCJlY2lkIjoiMTM4NDI0NTc5MTIzIiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuX2hvbWVwYWdlX3RvcF8zMDB4MjUwIiwiZXNpZCI6bnVsbCwic2l6ZSI6IjMwMHgyNTAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=903469ce-9b53-4226-9928-25571679e64a&pid=0b86d3c3-8ee5-4782-8e13-0bb273894b2c&dtm=1678413547556&qnm=_matherq&visible=1&tabid=3378f285-23f7-4b1d-ac92-ed1d36840f08&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10866&tofa=1678413547&vid=1&lvidt=1678413547&duid=81db188d-f360-4f45-a86b-24846f74dca3&fp=3102469237&cid=ma20153&mrk=575681700
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 10 Mar 2023 01:59:09 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync
cs.media.net/ Frame 29BF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3199c719-c11e-4aba-a9d9-c05273db00bb
237 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3199c719-c11e-4aba-a9d9-c05273db00bb
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Fri, 10 Mar 2023 01:59:10 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=3199c719-c11e-4aba-a9d9-c05273db00bb
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame 29BF
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26ovsid%3D%7Bviewer_token%7D%26type%3Dloop
  • https://contextual.media.net/cksync.php?cs=1&ovsid=549397d0-531e-41cd-a0fa-f7cb7a422702&type=loop&gdpr_consent=null&gdpr=0
237 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=549397d0-531e-41cd-a0fa-f7cb7a422702&type=loop&gdpr_consent=null&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.180.23 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 10 Mar 2023 01:59:10 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Fri, 10 Mar 2023 01:59:10 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&ovsid=549397d0-531e-41cd-a0fa-f7cb7a422702&type=loop&gdpr_consent=null&gdpr=0
date
Fri, 10 Mar 2023 01:59:10 GMT
server
_
content-length
0
cksync
cs.media.net/ Frame 29BF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIxNDE1MTQ5NjgyMjA5MTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELiy062GE-aTJ_uYgy9TkKk&google_cver=1
237 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELiy062GE-aTJ_uYgy9TkKk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C241%2C461%2C462%2C3018%2C246%2C4%2C313%2C359%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:09 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
237
x-mnet-hl2
E
expires
Fri, 10 Mar 2023 01:59:09 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELiy062GE-aTJ_uYgy9TkKk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader-config.json
cdn.wgchrrammzv.com/prod/spokesman/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.wgchrrammzv.com/prod/spokesman/loader-config.json
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7C7) /
Resource Hash
d26051679b0f4f1fb2187e0169dbb001bef17a61a66cfb39e3301da23a4522b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Mar 2023 01:59:09 GMT
content-encoding
gzip
content-md5
GpKasTo3xKs5tbLlwysXhA==
age
15613
x-cache
HIT
content-length
1307
x-ms-lease-status
unlocked
last-modified
Thu, 02 Mar 2023 05:24:13 GMT
server
ECAcc (nwa/E7C7)
etag
0x8DB1ADE5C5D392C
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1f19c27e-d01e-00b4-58cf-523b70000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
/
a2.adform.net/adfserve/ Frame 90A1 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/adfserve/?CC=1&bn=62201998;js=1;adfxid=1x;125;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fwww.spokesman.com
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d1c5664605b8f67156ef6a8cb017b2a8f079a9ce8012af8c831946d47ebae689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1936
expires
-1
truncated
/ Frame BB5E 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BB5E 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BB5E 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Semibold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/ Frame BB5E 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by
Host: 284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
URL: https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.87.193.133 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-133.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
Origin
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 10 Mar 2023 01:59:11 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
Apache
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21704
Expires
Sat, 11 Mar 2023 01:59:11 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMCIsImVhZHYiOiIwIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuRGVza3RvcF9Ib21lcGFnZV9EYXNoYm9hcmRfMzAweDI1MCIsImVzaWQiOm51bGwsInNpemUiOiIzMDB4MjUwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=b22bfc57-68a6-4b45-a925-aedd7756ec2f&pid=0b86d3c3-8ee5-4782-8e13-0bb273894b2c&dtm=1678413547557&qnm=_matherq&visible=1&tabid=3378f285-23f7-4b1d-ac92-ed1d36840f08&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10866&tofa=1678413547&vid=1&lvidt=1678413547&duid=81db188d-f360-4f45-a86b-24846f74dca3&fp=3102469237&cid=ma20153&mrk=575681700
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 10 Mar 2023 01:59:09 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F95 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1wc6wviqm7kqtKmt_r_pFWniXshqNCCsIYzSQ7fzwIVGxpQpdGQfz3MyyKCBw4aP9nSu1j0VDUsz8MnQhuoZayuFPPY9y1DzW14j4Xdg8qnU3gYog&sig=Cg0ArKJSzJWgo9XQ73V3EAE&id=lidar2&mcvt=1000&p=223,160,323,1440&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2404035854&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678413547498&rpt=1227&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F47C 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcigg1Z1cbjNQf84rajq58WBg2FW_LttKk2Ecj2BUitct8i9VAqwQ0Zwt-Bdd2GKYbCYpObDfAQAgddgg5A3al6HvydqQ3p-9jhn-E6naM4qYWnqmW&sig=Cg0ArKJSzL_bIAIzzghvEAE&id=lidar2&mcvt=1000&p=340,1220,590,1520&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3725654123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678413547538&rpt=1222&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 66A5 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 66A5 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 66A5 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 66A5 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5157&&vgd_canary=0&vgd_l2type=scs_newfl&fp=LKJDKKkK5XwKJTAGptDNubAnXiQ0KcxveGZ_yIGzLa9_Z02G-y3DYmJE_CZHNrCgg2FXmstRRAIInhEgV5olSAlYEZjG_B6XYuAXw_5Dz72oByGSavbrbLREO0tuPGbsPD7qwtbCmug%3D&cme=8jFaXh1IoO6Ramg6tgECk5y_vPO7V4932nIvzKGlV79JDkFwO_gUdIvXO8dNQQcWLXc6z9s97cXzI-niB52rW4OWANuKjJ7WOXjP5gFPMeYtm3NXZ2ETJ7DFmvA3zP0mp92R5nmTWrZ0Qhc1Zu5SGxKipnhyXAXyIFdUTnkCruuUy-CU7wKh9OvxgMb51b0JRVcZmDG6KfP2GtVt2TUq6ACA5rJGH3CJWfbxD7gTLF0t-P3WelqsLA%3D%3D%7C%7CtIoDUVWMEjAdcxJdYchT5w2vyyyYvRqxz4DxOF30SPrrAFWno1nwb2wVGDc131PWlNu4xqvaYc9tk-lElO246EasoO0CnMAhv-Vh7Wo2cxSFhGb5xvd2lBYyifGYQ3QHuw8vtf3DH004V8f9j22i9hn0hA6lnzIYkdVR_w85bjl4BRphi3yVyrkW-Z8i3iF2qJS9O1FM3RmTfRwgqD0hRdQYp51g2B9iiHz728Lh6qEBGPHumSc9lNtZKxJ7ZiRe%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD7Rgcso4-MDC_2znEBaVJaE8eVOLGaeGUCbSwxS09ygdA%3D%3D%7C&subBdr=196&bdrid=313&ksu=224&fdkt=439&vgde_kbbh=fuoyxQBuG&kwd[]=7+Days+Weather+Forecast&kwt[]=439&kbc[]=1261863077&kwp[]=1&kid[]=318990964&kbc2[]=1%3D0.21%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.18%7C66%3D0.56%7C60%3D0.76%7C62%3D0.66%7C63%3D0.06%7C10%3D2.60%7C2%3D0.50%7Cps%3D0.990%7C3%3D0.00%7C4%3D3.13&ktd[]=563224848236800&ktrkt[]=7+Days+Weather+Forecast&kwd[]=Live+Weather+Map&kwt[]=453&kbc[]=1261863077&kwp[]=2&kid[]=115042680&kbc2[]=1%3D0.42%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.21%7C66%3D0.56%7C60%3D0.73%7C62%3D0.49%7C63%3D0.06%7C10%3D2.60%7C2%3D0.91%7Cps%3D0.940%7C3%3D0.01%7C4%3D1.98&ktd[]=274894815488&ktrkt[]=Live+Weather+Map&kwd[]=14+Day+Weather+Predictions&kwt[]=439&kbc[]=1261863077&kwp[]=3&kid[]=316741995&kbc2[]=1%3D0.10%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.10%7C66%3D0.56%7C60%3D0.58%7C62%3D0.76%7C63%3D0.06%7C10%3D2.60%7C2%3D0.23%7Cps%3D0.990%7C3%3D0.00%7C4%3D2.95&ktd[]=563224848236800&ktrkt[]=14+Day+Weather+Predictions&kwd[]=Weather+Forecast+Maps&kwt[]=453&kbc[]=1261863077&kwp[]=4&kid[]=30442514&kbc2[]=1%3D0.30%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.21%7C66%3D0.56%7C60%3D1.03%7C62%3D0.49%7C63%3D0.06%7C10%3D2.60%7C2%3D0.58%7Cps%3D0.940%7C3%3D0.01%7C4%3D1.93&ktd[]=274894815488&ktrkt[]=Weather+Forecast+Maps&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=AU&wsip=170762850&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQ8E%22%3A%22uhA.fHX.f9i.9%22%2C%22QQNN%22%3A%22KP%22%2C%22QQQN%22%3A%22KPoIbp%22%2C%22QQN75%22%3A%22GJ1NmzQk8JjO%22%7D&cid=8CUABW64L&vi=1678413548334968522&vsid=3214151496822034&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_implt=3&vgd_cage=0&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=8251&vgd_nrrmf=1001c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1678413548198394546&tsrc=entity&sttm=1678413549186&upk=1678413549.3719&hvsid=00001678413549186029185682202540&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D7%2Ch%2Cgo%2Ci2%2Chb%2Cmk%2Chg%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080812610100728009000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&bid=340257&abpl=2&kbbq=%26asn%3D54203&vgd_vstrid=3214151496822034&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9u~eBMJ-Nv9.uf~e8QMQOvfAF~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9fA9A9if9~8xLjMGvWih.9i~xLjM7UNv9~Q7OvO8eoyE7o1OouHXffuuf9ff9Xou~j1Q7v~e8QMxLjMGv9.Hu~8EvAGB9PB~kGGv9~e8QMxLjMjvA9~L88Ex1vF%2CF~J7vAX~LNvf%2Cu~LEQMQOvf9fA9A9if9~e8QMGvuHA.Wu~xLjMGvu.uu~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvF9.FWHX~xLjMjvf9~yN17vX9u99i~GGvuiF~eev9~QYYMYxjvf~jfLMGvu999~JLEYv9.9u~ejfLMxLjMUNv949~GYvu~QYYMQOvf9fA9A9iuu~Q8OvhfuuAXFWh~QOv9~x8Ov1BxClUCs%20LfNKqtCs~G7OvuuFfAhhHXAHHiXhXuWWuH9ii9HFiHHWFHiF9hhfFiX9fff9WXHhihHFifXFFWhFWXufWf99FHWAXFFFWAFhuhFh9iXhifuH9FihF~OfEMjvu9~AENkvu999~x8Yv9~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.iW~myOfEMGv9.iW~exLjMGvu.Xi~QQvIK~NNvKP~x8Bvou~NJv9~LEQMGvXF.hf~exLjMjvf9~%3DVvfWh9~z7Qvu~7Gvou~N7vGJ1NmzQk8JjO~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.FA~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.hF~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.uf~1YEvu~NGOEv9.9f9~OYYvQYYMY8yL178mzM7JQ7~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGoihhiFXfuff9uHhfW~O1jyvQYY~w7Yjvu~1OGjUvfHHhhAhiHF~QmGEv~N7LvA.uffiX9X4oX~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8OvO8eoyE7o1OouHXffuuf9ff9Xou~OJ7JN7JOM71yM8OvO8eoyE7o1OouHXffuuf9ff9Xou~QYYM1E8veu~8GNvu~zQlvu~7yQvhfW-i9~GQGv9~GQEv9~7Y-vfXA&vgd_bhv_kbb=-1&vgd_cfud=220331&vgd_scsver=418&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001678413549186029185682202540&rc=0&rand=1678413549806&acid=d5570c8072724f489369bebe56727379&matm=1678413549806&requrl=https%3A%2F%2Fwww.spokesman.com&vgd_ltimesrc=1&vgd_ltime=2036&vgd_rtime=2028&vgd_etm=8&vgd_l1hcsd=Splrp%7C1551&vgd_l1ch=1&vgd_lhl=3103&vgd_pgid=p1239107074t202303100159&vgd_csip=rtb-common-istio-86d7b6879f-dfg7z.SG&vgd_sbSup=1&vgd_nrrs=8251&vgd_cdv=891&vgd_cntrdt=SF%7C284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Fri, 10 Mar 2023 01:59:09 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Fri, 10 Mar 2023 01:59:09 GMT
truncated
/ Frame 90A1 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b0a9b928662a18264462858dd869d4a53dccd7207ae0cd3a78d4db8875bf3b6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 90A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBfHN7P4D8jY_AVyIpFNEXCkMtBaQo1aDAl287ce8mVAR-4E5y7gKo9gpw0afm6Il3qquGr-YI9g2K-2iEWYnXC-WvcOqAuN2OvzK2kTBBdNE02hrWFIw4qvaUNIStN-AoDgefxIm61xv_N6pj_4DNx-Q4I-blm_DxIZ6ulH03jQxgrPHjow4LfM2mnr9fFnaF_pxh_obtV5QwyDEz_1LTWYPPXTfHmgItPJup9X_-tsWRdBEfd8MPr5kyc_zV7wYbjZ57yoZnKvrWF-l_VUH7XPlYiFemgfAX4SNIJRL9HNg9wolsC5Ck6L8Ol7cT3Wfe4nwtdtPgJSv9Fxw714_rx8KCJzD30ZNikWY2&sai=AMfl-YSVNatNsUrUMT00sW3eqi3vJMEihEwej_sEL5exQk5rdUSUAd_tVVvZzbqXQsb7PpbTkRiwWuPSNYwGYdnBuUBrfCKYWTer6p_2JpxwIQEIuS8BUTdegHLndID_gKYqVqABbYta9P1h3Kjbzjc&sig=Cg0ArKJSzLgKsCFImqAhEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 10 Mar 2023 01:59:10 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMCIsImVhZHYiOiIwIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuRGVza3RvcF9ob21lcGFnZV8yXzcyOHg5MCIsImVzaWQiOm51bGwsInNpemUiOiI3Mjh4OTAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=dc328745-9170-4175-9aa5-076ff2dbd5ec&pid=0b86d3c3-8ee5-4782-8e13-0bb273894b2c&dtm=1678413547558&qnm=_matherq&visible=1&tabid=3378f285-23f7-4b1d-ac92-ed1d36840f08&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10866&tofa=1678413547&vid=1&lvidt=1678413547&duid=81db188d-f360-4f45-a86b-24846f74dca3&fp=3102469237&cid=ma20153&mrk=575681700
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.216.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-216-79.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Fri, 10 Mar 2023 01:59:10 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.200 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E79C) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 10 Mar 2023 01:59:10 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
875
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (nwa/E79C)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
03bc3a69-601e-005c-07f1-520fa1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 10 Mar 2023 02:29:10 GMT
fp.min.js
cdn.mircheigeshoa.com/prod/spokesman/ 		0
0
g2i.min.js
cdn.o1ych4jb.com/prod/spokesman/ 		0
0
t8y9347t.min.js
cdn.pranmcpkx.com/prod/spokesman/ 		0
0
t8y9347t.min.css
cdn.pranmcpkx.com/prod/spokesman/ 		0
0
Standard
s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 90A1 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/stoat/626/s2.adform.net/load/v/0.0.226/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
863ad739bb9402363d8f11aa86e044ddfa80fd927de18b09814259f152fdf01f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:10 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
MISS, BYPASS, STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 31 Dec 2022 03:23:12 GMT
/
a2.adform.net/csimpr/ Frame 90A1 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/csimpr/?bn=62201998&csi=LN8Hr9Xy01pkXmhEkOvnNQvdu1m_FRqa6CHrumll0BzrygPkIxxfk4bnOJTtXK44ZXf1Xmm6WYdr3yFqfPQlrt6vWmW1dlSa0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
57594174.jpg
s2.adform.net/Banners/57594174/ Frame 90A1 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.adform.net/Banners/57594174/57594174.jpg?bv=1
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.57 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e0d0ffa23fecd69b99d193acf8e443f00c1e27268ecfd8355d337d43c312127a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 01:59:10 GMT
last-modified
Thu, 02 Mar 2023 17:30:06 GMT
server
nginx
x-amz-request-id
tx000007a1970d8501b2d91-0064099614-329527e9-default
etag
"2ba6f3af704c5ac5c341027fc8706876"
x-cache-status
MISS, HIT, STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23585
activeview
pagead2.googlesyndication.com/pcs/ Frame 90A1 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQOmAkPhC834vk5twAOtDjZHan88oaM92XmGeGXSFhbnGmdEpcZvvZAy7q4FWXBe7_GxZk4QAtjuG5lVuU_xioD88krXux4azaw9u0B0W_MzT2WYX4&sig=Cg0ArKJSzOWxsBjQqTbLEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1337061979&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678413547517&rpt=2388&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bql.php
lg3.media.net/ Frame BB5E 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5588&&vgd_canary=0&vgd_l2type=scs_newfl&fp=LCmeisPky4KBZlwErirdmYpxNL5Kzp9JvBahifW6WUlKtZZfelUFxMIEczAszzjtWDwr5ikUtrZxQmtGiqdyWtJnaKTBXqTQfoDb_291jPJx2Daln-GwnFGH-oQAYXE_i8In3AWiHGumIrGjAzWrUw%3D%3D&cme=X3I47vpv_i3mtz8eOBDxb5W-8gJahoJiPhgr8TK8z34TpG5UEde0rSuCLFiY2bET3_9qlxU5LsNoRH8HK5x71v1QMkL1X7Jmi2yegz8Ujv67hKKMAv-Zg6rOzcJMgZDY7_7g8lu0HfscL-LJOTHTQXewGISthGe9lCsTFAsLUOfBFpFKWecYrWPQbqQApzeuqWDmSoUTlivBdDL_5_ZNzktECiN5ZNsKOK_2gcQbz5E%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7Ca0AmFUYXmD7Rgcso4-MDC_2znEBaVJaE8eVOLGaeGUCbSwxS09ygdA%3D%3D%7CNsaHMqRtbNBbnZbUOZaTCeD3EiyrZReAwVyB_DCpzQPpF3QzPjkOaYP1xQI_KmfQcJdRHmgKjl8XG39_r9dB1qvqkUgspkPC-FnycJkj6Ei2TLDhxrsKcxf0DmymlkdGI-vaBwc_m-lbxrB4tVTLw2J46DTJDxYBJbH_AQbh7n4ZaYnZ59y172B2SACfFhhi6o9HUwSWmXpYZsnn9tWGoFzhmo-v6HRKH7m1-XaEjjTCvHFeGgBEi6bNVQbB79RpVDgtB0xqbuk%3D%7C&subBdr=196&bdrid=313&ksu=224&fdkt=439&vgde_kbbh=fuoyxQBuG&kwd[]=14+Day+Weather+Predictions&kwt[]=439&kbc[]=1261863077&kwp[]=1&kid[]=316741995&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.10%7C66%3D0.56%7C60%3D0.58%7C62%3D0.76%7C63%3D0.06%7C10%3D2.60%7C1%3D0.10%7C2%3D0.23%7Cps%3D0.990%7C3%3D0.01%7C4%3D1.00&ktd[]=563224848236800&ktrkt[]=14+Day+Weather+Predictions&kwd[]=Live+Weather+Map&kwt[]=453&kbc[]=1261863077&kwp[]=2&kid[]=115042680&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.21%7C66%3D0.56%7C60%3D0.73%7C62%3D0.49%7C63%3D0.06%7C10%3D2.60%7C1%3D0.42%7C2%3D0.91%7Cps%3D0.940%7C3%3D0.02%7C4%3D1.93&ktd[]=274894815488&ktrkt[]=Live+Weather+Map&kwd[]=7+Days+Weather+Forecast&kwt[]=439&kbc[]=1261863077&kwp[]=3&kid[]=318990964&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.18%7C66%3D0.56%7C60%3D0.76%7C62%3D0.66%7C63%3D0.06%7C10%3D2.60%7C1%3D0.21%7C2%3D0.50%7Cps%3D0.990%7C3%3D0.01%7C4%3D1.92&ktd[]=563224848236800&ktrkt[]=7+Days+Weather+Forecast&kwd[]=Weather+Forecast+Maps&kwt[]=453&kbc[]=1261863077&kwp[]=4&kid[]=30442514&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.21%7C66%3D0.56%7C60%3D1.03%7C62%3D0.49%7C63%3D0.06%7C10%3D2.60%7C1%3D0.30%7C2%3D0.58%7Cps%3D0.940%7C3%3D0.04%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Weather+Forecast+Maps&kwd[]=Today%27s+Weather+Forecast&kwt[]=453&kbc[]=1261863077&kwp[]=5&kid[]=28570517&kbc2[]=clust%3D1%7C%7C%2A~weather~%2A~today~%2A%7C%7Cdiff%3D1%7C%7Csetid%3D2%7C%7Ct%3D2%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C12%3D0.10%7C66%3D0.56%7C60%3D0.58%7C62%3D0.76%7C63%3D0.06%7C10%3D2.60%7C1%3D0.24%7C2%3D0.63%7Cps%3D0.940%7C3%3D0.02%7C4%3D1.00&ktd[]=577025076680331520&ktrkt[]=Today%27s+Weather+Forecast&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=AU&wsip=170762534&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQ8E%22%3A%22uhA.fHX.f9i.9%22%2C%22QQNN%22%3A%22KP%22%2C%22QQQN%22%3A%22KPoIbp%22%2C%22QQN75%22%3A%22GJ1NmzQk8JjO%22%7D&cid=8CUABW64L&vi=1678413548833155214&vsid=3214151496822099&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_implt=3&vgd_cage=0&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=8251&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1678413548143850036&tsrc=abtest&sttm=1678413549003&upk=1678413549.18579&hvsid=00001678413549003029185682205260&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D7%2Ch%2Cgo%2Ci2%2Chb%2Cmk%2Chg%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080807683400300025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POHZR87R&bid=335315&abpl=2&kbbq=%26asn%3D54203&vgd_vstrid=3214151496822099&vgde_bdata=QOfvzxjj~8xLjMjvf9~myJLEYv9.9X~eBMJ-Nv9.HF~QYYMG8Ov9.9f~e8QMQOvfAF~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9fA9A9iuX~8xLjMGvWWi.fF~xLjM7UNv9~Q7OvO8eoyE7o1OouHiAAihHhWuAXo9~j1Q7v~e8QMxLjMGv9.XH~8EvAGB9PB~kGGv9~e8QMxLjMjvu9~L88Ex1vF%2CF~J7vuW~LNvu~LEQMQOvf9fA9A9ifu~e8QMGvHHF.Au~xLjMGvu.uf~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~QYYMBLvXu.Ai9i~xLjMjvf9~yN17vX9u99i~GGvuiF~eev9~QYYMYxjv9.Hi~jfLMGvu999~JLEYv9.9X~ejfLMxLjMUNv949~GYvu~QYYMQOvf9fA9A9iuu~Q8OvWWAWiiHHu~QOv9~x8OvuqJteEKzQ9L2B1%20Kcp~G7OvffXXWFiAuFXfH9fuAHHifFuWFXuAhXiHhWXufiXHAAXXHhH9fHXXAW9WHiFW9XXuHXAHfXXiXWhAHAXuAHFXX9iHAAHFWfAFXiXf~OfEMjvu9~AENkvu999.9f~x8Yv9~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~myOfEMGv9.iW~exLjMGvu.Xi~QQvIK~NNvKP~x8Bvou~NJv9~LEQMGvH9.AX~exLjMjvf9~%3DVvfWh9~z7Qvf~7Gvou~N7vGJ1NmzQk8JjO~GQQMC_pvIK%2CIK~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.FA~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvf.Xh~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.HF~1YEvu~NGOEv9.9f9~OYYvQYYMY8yL178mzM7JQ7~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGoihhiFXfuff9uHhfW~O1jyvQYY~w7Yjvu~1OGjUvWuuWiWfFf~QmGEv~N7Lvh.fuuWWXX4oX~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9X9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8OvO8eoyE7o1OouHiAAihHhWuAXo9~OJ7JN7JOM71yM8OvO8eoyE7o1OouHiAAihHhWuAXo9~QYYM1E8veu~8GNvu~zQlvf~7yQvfX9-fX9%7CA99-fX9~GQGv9~GQEv9~7Y-vfXf&vgd_bhv_kbb=-1&vgd_cfud=230120&vgd_scsver=418&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001678413549003029185682205260&rc=0&rand=1678413549635&acid=5586c0349fd944f4a8beebe9e6f51a53&matm=1678413549635&requrl=https%3A%2F%2Fwww.spokesman.com&vgd_ltimesrc=1&vgd_ltime=3526&vgd_rtime=1885&vgd_etm=9&vgd_l1hcsd=Splrp%7C1551&vgd_l1ch=1&vgd_lhl=3135&vgd_pgid=p1239107074t202303100159&vgd_csip=rtb-common-istio-86d7b6879f-flc97.SG&vgd_sbSup=1&vgd_nrrs=8251&vgd_cdv=891&vgd_cntrdt=SF%7C284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.140.31 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-31.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Fri, 10 Mar 2023 01:59:11 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Fri, 10 Mar 2023 01:59:11 GMT
/
a2.adform.net/serving/unload/ Frame 90A1 		35 B
617 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/serving/unload/?version=15&unload=1468540035479681921@@62201998,6876699731080168884,100|1200|0|0|0|0|0|0|0||41|1|||||1|0|0|3NVCygcf2GJcPlakbYq96afxy6pmpaSPZ_45OWQWz3KZIgxuBW0GTvL_QlhaeLlf0|||11||0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/626/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 Mar 2023 01:59:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.mircheigeshoa.com
URL
https://cdn.mircheigeshoa.com/prod/spokesman/fp.min.js?2023210
Domain
cdn.o1ych4jb.com
URL
https://cdn.o1ych4jb.com/prod/spokesman/g2i.min.js?2023210
Domain
cdn.pranmcpkx.com
URL
https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js?2023210
Domain
cdn.pranmcpkx.com
URL
https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.css?2023210

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| dataLayer string| PAYMETER_ENV boolean| PAYMETER_DEBUG function| $ function| jQuery object| flippxp string| config_file function| loadScript function| waitForGlobal function| domready object| lazySizesConfig object| lazySizes object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| sr_ads object| slots number| viewportWidth function| viewportResizedHorizontal function| paragraphCount function| debounce function| defineAd function| enableAds function| displayAd function| refreshAds function| showAds function| setupCatfish function| setupSiderail function| setupInstory function| removeEmpty function| setupAds function| startAds object| google_tag_manager string| GoogleAnalyticsObject function| ga function| handleMessageFromNative undefined| google_measure_js_timing function| onYouTubeIframeAPIReady object| gaGlobal object| catfishParent object| button object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaplugins object| gaData object| _mather object| _matherq object| tid function| At object| n function| t object| SrExpandoBox boolean| authenticated boolean| attemptedAuth function| check_authentication function| sideMenu function| setRefresh function| SRPageInit object| calendarFilters object| TabNav object| SrFilterList object| HideAndSeek object| SRSectionNav object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| Gumshoe function| Splide object| splide object| plinks object| menus object| _mg2q string| slotElementId object| slotElement object| MG2Loader object| appInsights object| AI object| Microsoft function| __extends function| _endsWith

23 Cookies

Domain/Path Name / Value
service7-coinbase.com/ Name: PHPSESSID
Value: 48c696dfe19ad492c14edcb1269057e4
www.spokesman.com/ Name: flipp-uid
Value: 79e2b966-fbbb-456e-be16-10e098d74701
.p.flipp.com/ Name: gid
Value: "tqfkjAAB+jG8el9eArG4Zw=="
.spokesman.com/ Name: _ga_G3BY0LGVDL
Value: GS1.1.1678413546.1.0.1678413546.0.0.0
.spokesman.com/ Name: _ga
Value: GA1.2.1570723848.1678413547
.spokesman.com/ Name: _gid
Value: GA1.2.785647978.1678413547
.spokesman.com/ Name: _dc_gtm_UA-230256-14
Value: 1
.spokesman.com/ Name: _sp_ses.53c5
Value: *
.spokesman.com/ Name: __gads
Value: ID=68efccf770d9b3e8:T=1678413546:S=ALNI_MYyEQlji1vJ-3OKcH_kwVdAED6MSw
.spokesman.com/ Name: __gpi
Value: UID=00000bd60a80654e:T=1678413546:RT=1678413546:S=ALNI_Mb56eg1H_PMUMOdFuU4k_hd5sI6ag
.spokesman.com/ Name: _sp_id.53c5
Value: 81db188d-f360-4f45-a86b-24846f74dca3.1678413547.1.1678413548.1678413547
.doubleclick.net/ Name: IDE
Value: AHWqTUmm_hLG8l7kz5V_itM0gJPCgs49csKTRVaQ3YbXDuJoMFui9BKE5R5EcKOyt44
.adform.net/ Name: C
Value: 1
.media.net/ Name: visitor-id
Value: 3214151496822034000V10
.adsrvr.org/ Name: TDID
Value: 3199c719-c11e-4aba-a9d9-c05273db00bb
.adform.net/ Name: uid
Value: 1468540035479681921
.adform.net/ Name: TPC
Value: 1678413549705
.media.net/ Name: data-g
Value: CAESELiy062GE-aTJ_uYgy9TkKk~~6
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjYgd7PuMXQOxAFOAE.
.media.net/ Name: data-ttd
Value: 3199c719-c11e-4aba-a9d9-c05273db00bb~~1
www.spokesman.com/ Name: ai_user
Value: v4D3Z|2023-03-10T01:59:10.360Z
.csync.loopme.me/ Name: viewer_token
Value: b1e30202-3f71-49e6-b63b-63130fd50bc4
.media.net/ Name: data-lop
Value: 549397d0-531e-41cd-a0fa-f7cb7a422702~~1

1 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

284bc8dd8fdbf0bbe30ea903f0bdb481.safeframe.googlesyndication.com
a2.adform.net
adservice.google.com
adservice.google.com.au
az416426.vo.msecnd.net
cdn-gateflipp.flippback.com
cdn.mircheigeshoa.com
cdn.o1ych4jb.com
cdn.pranmcpkx.com
cdn.wgchrrammzv.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
csync.loopme.me
hblg.media.net
js.matheranalytics.com
lg3.media.net
loader-cdn.azureedge.net
match.adsrvr.org
media.spokesman.com
p.flipp.com
pagead2.googlesyndication.com
polyfill.io
qsearch-a.akamaihd.net
res-a.akamaihd.net
s2.adform.net
securepubads.g.doubleclick.net
service7-coinbase.com
spokesman.com
static.spokesman.com
stats.g.doubleclick.net
thumb.spokesman.com
tpc.googlesyndication.com
warp.media.net
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.spokesman.com
cdn.mircheigeshoa.com
cdn.o1ych4jb.com
cdn.pranmcpkx.com
107.178.250.234
117.18.232.200
142.250.4.99
142.251.10.97
142.251.12.132
142.251.12.154
142.251.12.155
146.190.66.204
151.101.1.26
152.199.39.108
172.217.194.157
172.217.194.94
172.253.118.138
18.161.97.52
184.87.193.133
184.87.193.156
185.167.164.49
185.84.60.57
23.207.180.23
23.213.140.31
23.36.48.24
34.205.216.79
35.214.223.115
35.71.131.137
52.222.144.104
52.222.144.97
52.84.251.61
52.84.45.36
52.84.45.49
52.84.45.75
74.125.200.154
74.125.24.155
74.125.68.132
001d52d71e67131cd8f782de7697e56b94f0d54b94c06b98f04fbe04ae7b0ac2
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089ef3abcb9a867d1d9c058fffcaa0e412f6e813ff50687c54a5ee05ea596c99
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
1302c52196ad43b30017f9a7ebe906b512c2f5179756c3f6e546b903f67627fd
1372899d8efa3fab00201660d851103b2e441960efb6333f88057ba639e84aa9
17acf455e2cfae82895405fccd76478c6d0149de9bbb5ea27b365ea91169313f
1978da8b5ab803cfd4f19f5ab9c3cb0de14ba1dd666312ec9afb932d6063958a
2392bd3ca80763ab369fe30a8958537c806820054c43937b5139e0b366815b1b
2703fd9d67156cd74739bedba02116ac66aa4fc4c8fdb9bb56f2af545d2875d7
2a18a7f911b08ef4a30e288e57cf7a73c61aebc4946c8604b18a7ab96de6c187
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2b0a9b928662a18264462858dd869d4a53dccd7207ae0cd3a78d4db8875bf3b6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
391f78059d9a0d78e4e6dc3f698b1d33033c68929df0fa8d9bc4f91976fce24b
3c9d78489367e0012068f3062d5b7c15318205bffca970ad5f4ee608aa56dd61
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
44c448205f15c4f82a4dfe267d5a2efac45224543d44a7c073b167813d449fce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b598e4eef7edbc813d6fe504a030fecb3d812617599396d160100d6950ddc0b
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2aee262821f014d61d9949b24dd6e194a702ae23c9e3661824e512e550ec09
5ba65148259568967389d182b434f97e0da7b6cd83abf926a602433a340ca9d0
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6dfc02a8e6f295102871d721f23120a13077e491345a93614fcbb43867de3301
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79fc30a3a4b255c915bba01c0691a5653ec71151821aedb5147898821927e362
81a9acf215ecf4e6b814d427b782651fb5ea8a05388d374e35431cb50ba206b5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835c46f680eda60ae7a5ebe49e9a7c9187e98bdb7f859226cdee3a03f178c8b4
8496d561d1048a1ab765f2bd9c75e2ab60359794bb636150cca515e187e4eeee
863ad739bb9402363d8f11aa86e044ddfa80fd927de18b09814259f152fdf01f
8dea6a682731d582228cc56c40f06680c40983d7c99b1805945647194c3aac19
a1383e1ed8738bb62c30ec424ca3730b0fb0741da0814fa969e4764a06bde904
a2ce5cb0f16f4232c4368407237460450be76795a2f93ed08b230d3eafd65310
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a77ccf47a61b8eb1d83a4101826726c3b2b0e5b34eb9f2601785b4d1e513932c
ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8
ac5ff3bccee29a689763765b04ac00a3b024ef17476779bface1f4cc355d0f1e
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b6ac504e86e80bbe003b424f85206446c6a7dee7b452251550d9ec9ad6437f7f
b8efe4a0e6a6754322fe6c09529fab576b5fbfb7ea28c17fe3fac6ee8de5e155
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c95f546f0db11cefb219fe6216a0fddc73bd0644fc0d342ec0f49b0b052f6679
c9a734522d40c7d247fad76eb0e347f7ed7229a04eaf5b011b3dd3afecf3ea4a
cc788698340af3d23c61c6d8d7debe31f26bb8c44a6643058a84ca249983daa2
cd876e84fbf0f219be31e05c20161da068fdf4419a35343f010e58e3146b22ba
ce0f6cc88e852aa5a7affdbcef57f11de5bbfd72f4287f473c9b1893832b888c
cf4f895942e85dc331685742c6497f2111ee9c9305a8222d4824e23d6d7bfaa5
d1c5664605b8f67156ef6a8cb017b2a8f079a9ce8012af8c831946d47ebae689
d206ac7a5d31faadb933717d02b03beb2b0245ad44fe0ec721801094dfc1f7ac
d26051679b0f4f1fb2187e0169dbb001bef17a61a66cfb39e3301da23a4522b7
d4890a3c7a6d70985e71fb7178c58b8c3ff183e6edbb3f07a41affe5b897d3ae
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
da938d67819ff68d15b6f947972f51cbb710c5db7544e86024de409f2398dc29
de6368d1df3c31f21d38cf9ef934bf948d96f1cd481d228a09e1d4199dcf1269
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e0d0ffa23fecd69b99d193acf8e443f00c1e27268ecfd8355d337d43c312127a
e15f20e9ef9afb2d807e387e719bf1e183ac72a1ff378d2b28f79cc33efd9ae5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e93c85341a48fbccd80f6d316b0d45b3b951169f4390adfb5cf81609f4160d45
ea3a18259f10c2febe3e3e0510c8e43a544fd3833bd572eb8b0827c7b4672787
eaf1a8c6cabdead3a47f6ee65cdf7e397b13afb5c3ba959519cdb144812534a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f86632279d90c9d73259e4a4acf59b20bf3afe6d7b5f0278766e1ce7d6645eb4