urlscan.io logo urlscan.io
SecurityTrails logo

alfa5.nycs.net-freaks.com Open in urlscan Pro
51.79.255.219  Public Scan

Go To Rescan Add Verdict Report
URL: http://alfa5.nycs.net-freaks.com/
Submission: On March 13 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 36 HTTP transactions. The main IP is 51.79.255.219, located in Singapore and belongs to OVH, FR. The main domain is alfa5.nycs.net-freaks.com.
This is the only time alfa5.nycs.net-freaks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 18 51.79.255.219 16276 (OVH)
18 2a04:4e42:200... 54113 (FASTLY)
1 192.243.59.12 39572 (ADVANCEDH...)
1 46.105.201.240 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 149.56.240.132 16276 (OVH)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
1 99.86.178.90 16509 (AMAZON-02)
1 65.8.11.78 16509 (AMAZON-02)
1 99.86.178.50 16509 (AMAZON-02)
1 2 63.251.14.14 32475 (SINGLEHOP...)
1 65.8.11.125 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 51.222.80.231 16276 (OVH)
2 2 35.71.131.137 16509 (AMAZON-02)
2 2 13.250.79.244 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
36 16
18    51.79.255.219 (Singapore)

ASN16276 (OVH, FR)
PTR: vps-371d066c.vps.ovh.ca
alfa5.nycs.net-freaks.com
18    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
www.smh.com.au
1    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
www.highconvertingformats.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    2606:4700:3037::6815:1190 (United States)

ASN13335 (CLOUDFLARENET, US)
dash.nextagc.com
1    149.56.240.132 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534300.ip-149-56-240.net
s4.histats.com
3    2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)
e.dtscout.com
t.dtscout.com
1    99.86.178.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-178-90.kul50.r.cloudfront.net
get.s-onetag.com
1    65.8.11.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-11-78.kul50.r.cloudfront.net
onetag-geo.s-onetag.com
1    99.86.178.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-178-50.kul50.r.cloudfront.net
data-beacons.s-onetag.com
2    63.251.14.14 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    65.8.11.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-11-125.kul50.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:20::ac43:4aba (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscdn.com
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    13.250.79.244 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-79-244.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
18 smh.com.au
www.smh.com.au — Cisco Umbrella Rank: 103813
213 KB
18 net-freaks.com
alfa5.nycs.net-freaks.com
83 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2330
1 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1250
sync.crwdcntrl.net — Cisco Umbrella Rank: 785
18 KB
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3920
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4740
data-beacons.s-onetag.com — Cisco Umbrella Rank: 14936
14 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 19354
t.dtscout.com — Cisco Umbrella Rank: 15084
5 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
859 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
933 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 575
994 B
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 19524
s4.histats.com — Cisco Umbrella Rank: 16058
5 KB
1 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2875
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 17086
610 B
1 nextagc.com
dash.nextagc.com
750 B
1 highconvertingformats.com
www.highconvertingformats.com
0 simpli.fi Failed
um.simpli.fi Failed
0 liadm.com Failed
i.liadm.com Failed
36 16
Domain Requested by
18 www.smh.com.au alfa5.nycs.net-freaks.com
18 alfa5.nycs.net-freaks.com 17 redirects
3 pixel.onaudience.com 3 redirects
2 px.ads.linkedin.com 1 redirects alfa5.nycs.net-freaks.com
2 sync.crwdcntrl.net 2 redirects
2 match.adsrvr.org 2 redirects
2 ap.lijit.com 1 redirects alfa5.nycs.net-freaks.com
2 t.dtscout.com e.dtscout.com
1 spl.zeotap.com alfa5.nycs.net-freaks.com
1 t.dtscdn.com e.dtscout.com
1 tags.crwdcntrl.net e.dtscout.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 dash.nextagc.com alfa5.nycs.net-freaks.com
1 s10.histats.com alfa5.nycs.net-freaks.com
1 www.highconvertingformats.com alfa5.nycs.net-freaks.com
0 um.simpli.fi Failed alfa5.nycs.net-freaks.com
0 i.liadm.com Failed alfa5.nycs.net-freaks.com
36 21

This site contains no links.

Subject Issuer Validity Valid
nine.com.au
COMODO RSA Organization Validation Secure Server CA		 2022-11-21 -
2023-11-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-20 -
2023-06-20		 a year crt.sh
histats.com
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.dtscout.com
GTS CA 1P5		 2023-01-29 -
2023-04-29		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.dtscdn.com
GTS CA 1P5		 2023-01-24 -
2023-04-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://alfa5.nycs.net-freaks.com/
Frame ID: 01A60722754FA0329A237385EA16D558
Requests: 35 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001678716585B952A594FDD3575DEB
Frame ID: 8111D3BF2ADE6E72EA6FFE56CC7357E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Australian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.aAustralian Breaking News Headlines & World News Online | SMH.com.a

Page Statistics

36
Requests

28 %
HTTPS

33 %
IPv6

16
Domains

21
Subdomains

16
IPs

4
Countries

335 kB
Transfer

777 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://alfa5.nycs.net-freaks.com/assets/88485174.svg HTTP 302
  • https://www.smh.com.au/assets/88485174.svg
Request Chain 1
  • http://alfa5.nycs.net-freaks.com/assets/b04806ee.svg HTTP 302
  • https://www.smh.com.au/assets/b04806ee.svg
Request Chain 2
  • http://alfa5.nycs.net-freaks.com/assets/dd51f8cf.woff2 HTTP 302
  • https://www.smh.com.au/assets/dd51f8cf.woff2
Request Chain 3
  • http://alfa5.nycs.net-freaks.com/assets/9ff0e533.woff2 HTTP 302
  • https://www.smh.com.au/assets/9ff0e533.woff2
Request Chain 4
  • http://alfa5.nycs.net-freaks.com/assets/c67d7077.woff2 HTTP 302
  • https://www.smh.com.au/assets/c67d7077.woff2
Request Chain 5
  • http://alfa5.nycs.net-freaks.com/assets/3dffa6aa.woff2 HTTP 302
  • https://www.smh.com.au/assets/3dffa6aa.woff2
Request Chain 6
  • http://alfa5.nycs.net-freaks.com/assets/012e77bf.svg HTTP 302
  • https://www.smh.com.au/assets/012e77bf.svg
Request Chain 7
  • http://alfa5.nycs.net-freaks.com/assets/6b81a165.svg HTTP 302
  • https://www.smh.com.au/assets/6b81a165.svg
Request Chain 8
  • http://alfa5.nycs.net-freaks.com/assets/04c18dbd.svg HTTP 302
  • https://www.smh.com.au/assets/04c18dbd.svg
Request Chain 9
  • http://alfa5.nycs.net-freaks.com/domain/domain.svg HTTP 302
  • https://www.smh.com.au/domain/domain.svg
Request Chain 10
  • http://alfa5.nycs.net-freaks.com/icons/externalLink.svg HTTP 302
  • https://www.smh.com.au/icons/externalLink.svg
Request Chain 11
  • http://alfa5.nycs.net-freaks.com/assets/b81bb9a1.woff2 HTTP 302
  • https://www.smh.com.au/assets/b81bb9a1.woff2
Request Chain 12
  • http://alfa5.nycs.net-freaks.com/assets/698fcc6e.svg HTTP 302
  • https://www.smh.com.au/assets/698fcc6e.svg
Request Chain 13
  • http://alfa5.nycs.net-freaks.com/assets/f00a8102.svg HTTP 302
  • https://www.smh.com.au/assets/f00a8102.svg
Request Chain 14
  • http://alfa5.nycs.net-freaks.com/assets/3b95a10a.svg HTTP 302
  • https://www.smh.com.au/assets/3b95a10a.svg
Request Chain 15
  • http://alfa5.nycs.net-freaks.com/assets/ef636681.svg HTTP 302
  • https://www.smh.com.au/assets/ef636681.svg
Request Chain 16
  • http://alfa5.nycs.net-freaks.com/assets/d08acbbf.svg HTTP 302
  • https://www.smh.com.au/assets/d08acbbf.svg
Request Chain 28
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 31
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001678716585B952A594FDD3575DEB HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=da5d7142-d228-4d03-81f1-35cb537bb8d9&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=aec54213e7c9a12a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=aec54213e7c9a12a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a4f103bbe7e892a4ae8258d32731af16&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=aec54213e7c9a12a
Request Chain 33
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GTcxJSZHyVf2h8TBS7Ke1KIz&rand=29735&pu= HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GTcxJSZHyVf2h8TBS7Ke1KIz&rand=29735&pu=&expected_cookie=6205c5ec-d010-4496-9220-6d89b681df58

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
alfa5.nycs.net-freaks.com/ 		435 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://alfa5.nycs.net-freaks.com/
Protocol
HTTP/1.1
Server
51.79.255.219 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
vps-371d066c.vps.ovh.ca
Software
openresty /
Resource Hash
2b7c573bd512aa1a396b6076ec02b1025fd7ae5f5ec6e1a0efa2f7b2008cfed2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 13 Mar 2023 14:09:42 GMT
Server
openresty
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
88485174.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/88485174.svg
  • https://www.smh.com.au/assets/88485174.svg
14 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/88485174.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fff2d638281f9005a2876877c4d92ad4c36e0b72c6df3e5273b88687171429f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:43 GMT
via
1.1 varnish, 1.1 varnish
age
4107186
uber-trace-id
9de904ea7f3adc3b:9de904ea7f3adc3b:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
6705
x-xss-protection
1; mode=block
x-served-by
cache-syd10182-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"39fd-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
105294, 2

Redirect headers

Location
https://www.smh.com.au/assets/88485174.svg
Date
Mon, 13 Mar 2023 14:09:42 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
b04806ee.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/b04806ee.svg
  • https://www.smh.com.au/assets/b04806ee.svg
7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/b04806ee.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
829f92421332299bbe3946a9bf45e45a4e794b0d3e3c30a40907daba3251ecf2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:43 GMT
via
1.1 varnish, 1.1 varnish
age
4107197
uber-trace-id
f2dc4c41fae0153d:f2dc4c41fae0153d:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
2956
x-xss-protection
1; mode=block
x-served-by
cache-syd10171-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"1ce3-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
13468, 1

Redirect headers

Location
https://www.smh.com.au/assets/b04806ee.svg
Date
Mon, 13 Mar 2023 14:09:42 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
dd51f8cf.woff2
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/dd51f8cf.woff2
  • https://www.smh.com.au/assets/dd51f8cf.woff2
48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.smh.com.au/assets/dd51f8cf.woff2
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7630b3dd2b6e83a3d5295706cccdddf75013f8a9970435a999f2f0dbb5a579f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
date
Mon, 13 Mar 2023 14:09:43 GMT
age
10604712
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
uber-trace-id
c03535a0eb9b7493:c03535a0eb9b7493:0:0
x-cache
HIT, HIT
content-length
49588
x-xss-protection
1; mode=block
x-served-by
cache-syd10139-SYD, cache-bur-kbur8200124-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Nov 2022 01:04:39 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"c1b4-18459eaec58"
x-frame-options
sameorigin
vary
app-vary, app-vary
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
56788, 1

Redirect headers

Location
https://www.smh.com.au/assets/dd51f8cf.woff2
Date
Mon, 13 Mar 2023 14:09:42 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
9ff0e533.woff2
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/9ff0e533.woff2
  • https://www.smh.com.au/assets/9ff0e533.woff2
51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.smh.com.au/assets/9ff0e533.woff2
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5d8ef4d01c05ab65fa428ef13b6e0ad8992272baeba1f15bffbc2bbf8647d9a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
date
Mon, 13 Mar 2023 14:09:43 GMT
age
17536275
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
uber-trace-id
bf5ead93c6c9ce49:bf5ead93c6c9ce49:0:0
x-cache
HIT, HIT
content-length
51868
x-xss-protection
1; mode=block
x-served-by
cache-syd10136-SYD, cache-bur-kbur8200124-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Aug 2022 08:13:05 GMT
etag
W/"ca9c-182c49cc668"
x-frame-options
sameorigin
vary
app-vary, app-vary
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-varnish-grace
none
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
111808, 1

Redirect headers

Location
https://www.smh.com.au/assets/9ff0e533.woff2
Date
Mon, 13 Mar 2023 14:09:42 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
c67d7077.woff2
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/c67d7077.woff2
  • https://www.smh.com.au/assets/c67d7077.woff2
27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.smh.com.au/assets/c67d7077.woff2
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8cbb84320501e7ba07f1793b7ce865f022a7afc1d4e1c3abd2c9879f12dbf1e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
date
Mon, 13 Mar 2023 14:09:43 GMT
age
31276161
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
uber-trace-id
4cfc0528a6b94da4:4cfc0528a6b94da4:0:0
x-cache
HIT, HIT
content-length
27600
x-xss-protection
1; mode=block
x-served-by
cache-syd10158-SYD, cache-bur-kbur8200124-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Mar 2022 03:14:20 GMT
etag
W/"6bd0-17f8b91c2e0"
x-frame-options
sameorigin
vary
app-vary, app-vary
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-varnish-grace
none
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
86365, 1

Redirect headers

Location
https://www.smh.com.au/assets/c67d7077.woff2
Date
Mon, 13 Mar 2023 14:09:42 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
3dffa6aa.woff2
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/3dffa6aa.woff2
  • https://www.smh.com.au/assets/3dffa6aa.woff2
35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.smh.com.au/assets/3dffa6aa.woff2
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4fc475c72236d86cc5d8516a4afa0102f0b7379203fbde407d20f00e9c9a5dc6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
date
Mon, 13 Mar 2023 14:09:43 GMT
age
11722767
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
uber-trace-id
19fd1ae5330b0d7d:19fd1ae5330b0d7d:0:0
x-cache
HIT, HIT
content-length
36124
x-xss-protection
1; mode=block
x-served-by
cache-syd10174-SYD, cache-bur-kbur8200124-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Oct 2022 02:08:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"8d1c-1841c589c00"
x-frame-options
sameorigin
vary
app-vary, app-vary
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
39484, 1

Redirect headers

Location
https://www.smh.com.au/assets/3dffa6aa.woff2
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
012e77bf.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/012e77bf.svg
  • https://www.smh.com.au/assets/012e77bf.svg
499 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/012e77bf.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8034cae17fdb6d4038d5b115fdd5421fb72d8208062c69a8947dd3105447b674
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:43 GMT
via
1.1 varnish, 1.1 varnish
age
4107197
uber-trace-id
c3c5b8cfe6956678:c3c5b8cfe6956678:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
298
x-xss-protection
1; mode=block
x-served-by
cache-syd10122-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"1f3-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
31339, 1

Redirect headers

Location
https://www.smh.com.au/assets/012e77bf.svg
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
6b81a165.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/6b81a165.svg
  • https://www.smh.com.au/assets/6b81a165.svg
476 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/6b81a165.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80734da2366a80e4924255484fbd46f46f8544fea3c8f93586f47786c4954c5f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:43 GMT
via
1.1 varnish, 1.1 varnish
age
4107197
uber-trace-id
113a1f5b5c52445a:113a1f5b5c52445a:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
272
x-xss-protection
1; mode=block
x-served-by
cache-syd10165-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"1dc-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
29537, 2

Redirect headers

Location
https://www.smh.com.au/assets/6b81a165.svg
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
04c18dbd.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/04c18dbd.svg
  • https://www.smh.com.au/assets/04c18dbd.svg
373 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/04c18dbd.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b514dfda64923088ef09c3632688187702123a22e417a7143646de7ab12a25ac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:43 GMT
via
1.1 varnish, 1.1 varnish
age
4107197
uber-trace-id
4a36bc3ee675dbdb:4a36bc3ee675dbdb:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
223
x-xss-protection
1; mode=block
x-served-by
cache-syd10175-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"175-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
42642, 18220

Redirect headers

Location
https://www.smh.com.au/assets/04c18dbd.svg
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
domain.svg
www.smh.com.au/domain/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/domain/domain.svg
  • https://www.smh.com.au/domain/domain.svg
1 KB
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/domain/domain.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f208ee66ef438ef69e4e6534abb98a0470ca4a3a633a22a975717460ba6a2e58
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
date
Mon, 13 Mar 2023 14:09:43 GMT
age
11114625
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
uber-trace-id
972d5b03b3a1c28b:972d5b03b3a1c28b:0:0
x-cache
HIT, HIT
content-length
760
x-xss-protection
1; mode=block
x-served-by
cache-syd10140-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 04 Nov 2022 00:18:37 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"58b-1844000fb48"
x-frame-options
sameorigin
vary
Accept-Encoding, app-vary, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
35091, 1

Redirect headers

Location
https://www.smh.com.au/domain/domain.svg
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
externalLink.svg
www.smh.com.au/icons/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/icons/externalLink.svg
  • https://www.smh.com.au/icons/externalLink.svg
542 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/icons/externalLink.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8087798ababb1aa83241c68ea2e762a7d639b3256c8270f22434dc891c9643db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
date
Mon, 13 Mar 2023 14:09:43 GMT
age
31270843
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
uber-trace-id
67bb8849d6531419:67bb8849d6531419:0:0
x-cache
HIT, HIT
content-length
307
x-xss-protection
1; mode=block
x-served-by
cache-syd10153-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Mar 2022 03:12:15 GMT
etag
W/"21e-17f8b8fda98"
x-frame-options
sameorigin
vary
Accept-Encoding, app-vary, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
normal hit
accept-ranges
bytes
x-cache-hits
71762, 1

Redirect headers

Location
https://www.smh.com.au/icons/externalLink.svg
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
b81bb9a1.woff2
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/b81bb9a1.woff2
  • https://www.smh.com.au/assets/b81bb9a1.woff2
29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.smh.com.au/assets/b81bb9a1.woff2
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3ac554741dfb7a3d5c75a01cc0f2c9a84abc87816697afb911d819abc39b289
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org; upgrade-insecure-requests
strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish
date
Mon, 13 Mar 2023 14:09:43 GMT
age
31275082
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
uber-trace-id
8f0826067fc4aedb:8f0826067fc4aedb:0:0
x-cache
HIT, HIT
content-length
29476
x-xss-protection
1; mode=block
x-served-by
cache-syd10150-SYD, cache-bur-kbur8200124-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Mar 2022 03:14:20 GMT
etag
W/"7324-17f8b91c2e0"
x-frame-options
sameorigin
vary
app-vary, app-vary
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-varnish-grace
none
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
53, 1

Redirect headers

Location
https://www.smh.com.au/assets/b81bb9a1.woff2
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
698fcc6e.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/698fcc6e.svg
  • https://www.smh.com.au/assets/698fcc6e.svg
8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/698fcc6e.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b49a450fe279df6f7f677197c109fcd4578aa3c0840906d4b622474d4ac0e934
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:43 GMT
via
1.1 varnish, 1.1 varnish
age
4107199
uber-trace-id
aefa9c0a7a3f8881:aefa9c0a7a3f8881:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
1645
x-xss-protection
1; mode=block
x-served-by
cache-syd10149-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"2040-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
121317, 2

Redirect headers

Location
https://www.smh.com.au/assets/698fcc6e.svg
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
f00a8102.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/f00a8102.svg
  • https://www.smh.com.au/assets/f00a8102.svg
454 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/f00a8102.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af0c28aa7862aaea4535a7b3ed7740dcfc84c0a4f57fe29c4c2635a702d359a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:43 GMT
via
1.1 varnish, 1.1 varnish
age
4107198
uber-trace-id
21ee764a7cb4601c:21ee764a7cb4601c:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
271
x-xss-protection
1; mode=block
x-served-by
cache-syd10128-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"1c6-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
52559, 1

Redirect headers

Location
https://www.smh.com.au/assets/f00a8102.svg
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
3b95a10a.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/3b95a10a.svg
  • https://www.smh.com.au/assets/3b95a10a.svg
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/3b95a10a.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c9221b2b9d30454344a2f8cabb84ef8ed184a54fef3d952e41e34b6d539cddec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:43 GMT
via
1.1 varnish, 1.1 varnish
age
4107199
uber-trace-id
e7c2a01495a373d3:e7c2a01495a373d3:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
474
x-xss-protection
1; mode=block
x-served-by
cache-syd10167-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"55c-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
71405, 1

Redirect headers

Location
https://www.smh.com.au/assets/3b95a10a.svg
Date
Mon, 13 Mar 2023 14:09:43 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
ef636681.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/ef636681.svg
  • https://www.smh.com.au/assets/ef636681.svg
648 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/ef636681.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be8d2958c1057285e2e040cf55772b5cf4af6e2eb6d9d371053ec58c9bb55f85
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:44 GMT
via
1.1 varnish, 1.1 varnish
age
4107198
uber-trace-id
db6b300ed6ceff7e:db6b300ed6ceff7e:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
394
x-xss-protection
1; mode=block
x-served-by
cache-syd10134-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"288-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
36513, 1

Redirect headers

Location
https://www.smh.com.au/assets/ef636681.svg
Date
Mon, 13 Mar 2023 14:09:44 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
d08acbbf.svg
www.smh.com.au/assets/
Redirect Chain
  • http://alfa5.nycs.net-freaks.com/assets/d08acbbf.svg
  • https://www.smh.com.au/assets/d08acbbf.svg
2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.smh.com.au/assets/d08acbbf.svg
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3dd5561d9d9cc093883610cbe7db9b3caaef7e640d06ec8225d5a59fd7833c55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 13 Mar 2023 14:09:44 GMT
via
1.1 varnish, 1.1 varnish
age
4107198
uber-trace-id
764a3aad340b064d:764a3aad340b064d:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
934
x-xss-protection
1; mode=block
x-served-by
cache-syd10143-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 00:28:00 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"710-185e6530a80"
x-frame-options
sameorigin
vary
app-vary, Accept-Encoding, app-vary
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
71465, 2

Redirect headers

Location
https://www.smh.com.au/assets/d08acbbf.svg
Date
Mon, 13 Mar 2023 14:09:44 GMT
Content-Type
text/html; charset=UTF-8
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
X-Served-By
alfa5.nycs.net-freaks.com
Asset.46c9e82922f92dba8b12.chunk.js
www.smh.com.au/assets/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.smh.com.au/assets/Asset.46c9e82922f92dba8b12.chunk.js
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.ffxblue.com.au *.ffx.io *.smh.com.au *.theage.com.au *.brisbanetimes.com.au *.watoday.com.au *.cdn.ampproject.org *.platform.ink; upgrade-insecure-requests
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 13 Mar 2023 14:09:43 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
913856
uber-trace-id
4d6b986b25309a7:4d6b986b25309a7:0:0
content-security-policy-report-only
child-src blob: data: https:; connect-src https: wss:; default-src blob: data: https: 'report-sample' 'unsafe-eval' 'unsafe-inline'; font-src data: https:; form-action https:; frame-src data: https:; img-src blob: data: https:; media-src blob: data: https:; object-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; report-uri https://csp.ffx.io/
x-cache
HIT, HIT
content-length
459604
x-xss-protection
1; mode=block
x-served-by
cache-syd10161-SYD, cache-bur-kbur8200077-BUR
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Mar 2023 23:44:13 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
etag
W/"188cea-186a4b640c8"
x-frame-options
sameorigin
vary
Accept-Encoding, app-vary, app-vary
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
27, 1
invoke.js
www.highconvertingformats.com/444c1468f16fef13b22f9d13df81ed13/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://www.highconvertingformats.com/444c1468f16fef13b22f9d13df81ed13/invoke.js
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://alfa5.nycs.net-freaks.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 13 Mar 2023 14:09:43 GMT
Server
nginx/1.17.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 14:03:27 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
x-iplb-request-id
D13AA2EF:C254_2E69C9F0:0050_640F2EA7_209EDF:8204
etag
"-375139978"
x-iplb-instance
14109
vary
Accept-Encoding
content-type
text/javascript
x-cdn-pop
bhs
accept-ranges
bytes
content-length
4547
x-request-id
283316088
process.php
dash.nextagc.com/sync/ 		0
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dash.nextagc.com/sync/process.php
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://alfa5.nycs.net-freaks.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 Mar 2023 14:09:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-allow-methods
POST,GET,OPTIONS, GET,POST,OPTIONS,DELETE,PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GB2H4R73CH%2BsS%2BvBFESx8wdkmlPqESkg5HbRrMG9pWPbzLVtRbcz6BmzP60hgH78uG1mwhnAirq6TBlCCmf2FucGoANYYpDJCXGpCxuFJ2AXwir%2Fuo%2BQbAtIbqI8PhPKKn6ajt6%2BWGhQnnWARUTV"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
7a74db362eb1919b-SIN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 19 Nov 1981 08:52:00 GMT
0.php
s4.histats.com/stats/ 		378 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4690849&@f16&@g1&@h1&@i1&@j1678716583875&@k0&@l1&@mAustralian%20Breaking%20News%20Headlines%20%26%20World%20News%20Online%20%7C%20SMH.com.a&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:13415832&@b3:1678716584&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Falfa5.nycs.net-freaks.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.132 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534300.ip-149-56-240.net
Software
/
Resource Hash
ca7ca95ea00a41be1b9f00bcc54e9dcbbfa2d5f540d626e65644c9f9996868a6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 14:09:44 GMT
Connection
close
Content-Length
378
Content-Type
text/html;charset=UTF-8
/
e.dtscout.com/e/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfa5.nycs.net-freaks.com%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4690849&@f16&@g1&@h1&@i1&@j1678716583875&@k0&@l1&@mAustralian%20Breaking%20News%20Headlines%20%26%20World%20News%20Online%20%7C%20SMH.com.a&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:13415832&@b3:1678716584&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Falfa5.nycs.net-freaks.com%2F&@w
Protocol
HTTP/1.1
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
472df9abe22b174be06a132837ddb9cf7dcfda2c7674683c4b8426a7ded9dc04

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 14:09:45 GMT
X-T
0.5
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtvKJXPxL844QZycGURg526WXIGtyKAx6Cfom8StUeHDBNBLCHImxJDhrLJVf6YIVLIULGp6iGLnDNsIALVqfJMJGOd6Lmt%2FZXjTjOi18FozreDKVDw5CrmUtgsrvIotRAZorGzs5lsOw8g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-S
mtl1
CF-RAY
7a74db3e2f864d4b-SIN
Expires
Mon, 13 Mar 2023 14:09:44 GMT
/
t.dtscout.com/idg/ Frame 8111 		1 KB
889 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=6D001678716585B952A594FDD3575DEB
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfa5.nycs.net-freaks.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6138c33548b55c520e7be9c696926222ceffe319534443e423af32522c72343f

Request headers

Referer
http://alfa5.nycs.net-freaks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7a74db415c0d3e1d-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 13 Mar 2023 14:09:45 GMT
expires
Mon, 13 Mar 2023 14:09:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VGBEFoLbQVRzqT3zvF8VSQ9O8GddN5d%2FM9HEWyH%2Bz8OXIfrXDXyn0gWQ4D7Gv4ewJsNJn%2FxV0oK7gH%2FzIv8uBAeYjVxRgjA41lAA0sYeujoMoavS8b97PGwopInQZ0MAbN0HuQDrajLN40%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfa5.nycs.net-freaks.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.178.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-178-90.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58bb8299d12e5da9f688e2e5b299a4eeaa790c58a47f68275c0d119b98e7c837

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 21:23:29 GMT
x-amz-version-id
Cbjpq7uzlYJGW75uYJ0hJ2.4T0hYLuBY
content-encoding
gzip
last-modified
Tue, 28 Feb 2023 11:00:34 GMT
server
AmazonS3
via
1.1 992d0bf46adc44efb6ae5182ac41ed86.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C1
etag
W/"da6f9d421ee18b85a6159832b88d2387"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
age
60377
x-amz-cf-id
vbBuvD-ymeinYN16IRsiEux27or6D8O3B33hxEc5kGDf6Ua0T1xxbA==
/
t.dtscout.com/pv/ 		51 B
362 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=alfa5.nycs.net-freaks.com&_ss=2pccw4gxzn&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=35dj&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfa5.nycs.net-freaks.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac275f525f12930c384c7849d73920279cc17f8aff27c4c1ddeec683e34a07f1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 14:09:45 GMT
x-t
0.205
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pB%2FU7fmxIbUKFPlVB4Ps3AhRHRYc9Js6Ekvo6sDvbFEY1eBcDAlg5K2m8K4TTh%2B%2F2xpZRG6Jo58MJuPZ1GtMRoAd9Gftt9VB9q13NOaStXiXzHO1s2zIhj4zfqNVMS%2FrwrFAYMVsJrkxStE%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
7a74db415c0f3e1d-SIN
expires
Mon, 13 Mar 2023 14:09:44 GMT
/
onetag-geo.s-onetag.com/ 		535 B
941 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-78.kul50.r.cloudfront.net
Software
/
Resource Hash
e6fb9c3b8c7657ae2ff8b85860105410994ba2dd9461388484c6f90ab32759ae

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 14:09:45 GMT
via
1.1 c76b6f80cec204bcd24e411dd51125fc.cloudfront.net (CloudFront), 1.1 333535ca25497de0eb4b0276f48b6596.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1, KUL50-C2
x-amzn-requestid
ca5fcb5f-f19b-48d5-b7e2-fa4fa576d58b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
BuQ6gHbnCYcF-1g=
content-length
535
x-amz-cf-id
-hGNso6qXm6J09kdAgEg-I_4EV7Ep7FPNPAr4gJZABoY4EU6o0-gdg==
dataBeacons.min.js
data-beacons.s-onetag.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.178.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-178-50.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 13:14:55 GMT
content-encoding
gzip
via
1.1 41c06d8a12e9a33e89f3ec25030f08a2.cloudfront.net (CloudFront)
x-amz-version-id
AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l
last-modified
Mon, 30 Jan 2023 17:09:16 GMT
server
AmazonS3
x-amz-cf-pop
KUL50-C1
age
3291
etag
W/"b33b67ced6b706568683ecea83e198c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
r_stZjfhB7FFi8q04OOIBx0KvJ7lrYF1DxJbyTKmYiLr6z9cFe1GlQ==
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
472 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
HTTP/1.1
Server
63.251.14.14 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
8d6d1ea14d365ae5a2e6c65aa8af0a1c5e654717e56d9e104e68d90d91ba5c76

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 14:09:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://alfa5.nycs.net-freaks.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Mon, 13 Mar 2023 14:09:46 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
http://alfa5.nycs.net-freaks.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfa5.nycs.net-freaks.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-125.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ae2f4d8c9c5f330527a4daaae59fe294e557660c57f677846472666291ffdee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 19:24:37 GMT
content-encoding
gzip
via
1.1 be9c622dcc41e23f3ebe1e7675fb2d2a.cloudfront.net (CloudFront)
last-modified
Wed, 08 Mar 2023 16:30:56 GMT
server
AmazonS3
x-amz-cf-pop
KUL50-C2
age
67509
x-amz-server-side-encryption
AES256
etag
W/"95b6f21ed07c6c078e4bb428b83fc22a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
qaAUNxvti57BrZbBhprwBuneW8sUrgQzDuCSj8chZlgOPmyq2qYJYw==
/
t.dtscdn.com/widget/ 		0
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=6D001678716585B952A594FDD3575DEB&nid=300&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Falfa5.nycs.net-freaks.com%2F&r=
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfa5.nycs.net-freaks.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 14:09:45 GMT
x-t
1.2
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce%2B63%2FJ3isOZbxsdjLmWLvc%2FXy%2BQn9m1wXrADJXNBE6i5Iv4w0oOm%2FzcJFhLe3dDtemXpfkt2areo%2B%2FD7K8KptD1SRCShYJoaJOjr%2Fd%2FzhD1fxTOdnIYjsqZQ06wdA%2BH%2Fq%2FuKwBIAr5CtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web15.ny1.dtscdn.com
cf-ray
7a74db44ae604059-SIN
expires
Mon, 13 Mar 2023 14:18:43 GMT
/
spl.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D001678716585B952A594FDD3575DEB
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=da5d7142-d228-4d03-81f1-35cb537bb8d9&icm&gdpr=0&gdpr_consent=&cver
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=aec54213e7c9a12a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=aec54213e7c9a12a/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a4f103bbe7e892a4ae8258d32731af16&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=aec54213e7c9a12a
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=aec54213e7c9a12a
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=aec54213e7c9a12a
content-length
0
59074
i.liadm.com/s/ 		0
0
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GTcxJSZHyVf2h8TBS7Ke1KIz&rand=29735&pu=
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GTcxJSZHyVf2h8TBS7Ke1KIz&rand=29735&pu=&expected_cookie=6205c5ec-d010-4496-9220-6d89b681df58
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GTcxJSZHyVf2h8TBS7Ke1KIz&rand=29735&pu=&expected_cookie=6205c5ec-d010-4496-9220-6d89b681df58
Requested by
Host: alfa5.nycs.net-freaks.com
URL: http://alfa5.nycs.net-freaks.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfa5.nycs.net-freaks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 14:09:47 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FDEB425042BC4DD0AEAFD265E397DECE Ref B: SIN30EDGE0821 Ref C: 2023-03-13T14:09:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2yKnk3dSRFHRa20kLjQ==

Redirect headers

date
Mon, 13 Mar 2023 14:09:47 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6B97F3C3DE924694A1E5923B8BAF07A9 Ref B: SIN30EDGE0821 Ref C: 2023-03-13T14:09:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=15697&puuid=GTcxJSZHyVf2h8TBS7Ke1KIz&rand=29735&pu=&expected_cookie=6205c5ec-d010-4496-9220-6d89b681df58
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2yKng5oS8BJ4F2Yurag==
lj_match
um.simpli.fi/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.liadm.com
URL
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GTcxJSZHyVf2h8TBS7Ke1KIz&rnd=83020
Domain
um.simpli.fi
URL
https://um.simpli.fi/lj_match?r=35405

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| atOptions string| domain string| target string| path object| _Hasync function| checkReferrer string| fullpart object| request string| url string| data function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues object| a object| cv object| _dtspv object| __connect object| __underground object| lotame_3825 number| char function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_g function| lt3825_ha object| lt3825_ object| lt3825_na object| lt3825_oa object| lt3825_Na object| lt3825_Xa object| lt3825_Ya object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_h function| lt3825_ga function| lt3825_ia function| lt3825_i function| lt3825_ja function| lt3825_j function| lt3825_k function| lt3825_l function| lt3825_m function| lt3825_n function| lt3825_la function| lt3825_ka function| lt3825_o function| lt3825_p function| lt3825_ma function| lt3825_q function| lt3825_r function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_sa function| lt3825_pa function| lt3825_qa function| lt3825_w function| lt3825_ra function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_A function| lt3825_v function| lt3825_B function| lt3825_C function| lt3825_ta function| lt3825_D function| lt3825_E function| lt3825_ua function| lt3825_F function| lt3825_G function| lt3825_va function| lt3825_H function| lt3825_I function| lt3825_J function| lt3825_L function| lt3825_M function| lt3825_N function| lt3825_K function| lt3825_wa function| lt3825_xa function| lt3825_O function| lt3825_ya function| lt3825_za function| lt3825_Aa function| lt3825_Ba function| lt3825_Ca function| lt3825_Da function| lt3825_Ea function| lt3825_Ia function| lt3825_Fa function| lt3825_Ga function| lt3825_Ha function| lt3825_Ja function| lt3825_La function| lt3825_Ka function| lt3825_Ma function| lt3825_P function| lt3825_Oa function| lt3825_Pa function| lt3825_Qa function| lt3825_Ra function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Q function| lt3825_Za function| lt3825__a function| lt3825_0a function| lt3825_R function| lt3825_S function| lt3825_1a function| lt3825_T function| lt3825_U function| lt3825_2a function| lt3825_3a function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_4a function| lt3825_6a function| lt3825_5a function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_4 function| lt3825_8a function| lt3825_$a function| lt3825_9a function| lt3825_bb function| lt3825_ab function| lt3825_2 function| lt3825_cb function| lt3825_db function| lt3825_3 function| lt3825_7a function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_5 function| lt3825_6 function| lt3825_ib function| lt3825_jb function| lt3825_kb function| lt3825_lb function| lt3825_mb function| lt3825_nb function| lt3825_ob function| lt3825_pb function| lt3825_qb function| lt3825_rb function| lt3825_8 function| lt3825_ub function| lt3825_vb function| lt3825_tb function| lt3825_sb function| lt3825_xb function| lt3825_wb function| lt3825_zb function| lt3825_yb function| lt3825_Ab function| lt3825_Bb function| lt3825_Cb function| lt3825_Db function| lt3825_Eb function| lt3825_Fb function| lt3825_Hb function| lt3825_Kb function| lt3825_Jb function| lt3825_Gb function| lt3825_Nb function| lt3825_Ib function| lt3825_Lb function| lt3825_Pb function| lt3825_Ob function| lt3825_Qb function| lt3825_Mb function| lt3825_Rb function| lt3825_Sb function| lt3825_Tb function| lt3825_9 function| lt3825_Ub function| lt3825_Vb function| lt3825_Wb function| lt3825_Xb function| lt3825_Yb function| lt3825_$ function| lt3825_Zb function| lt3825__b function| lt3825_0b function| lt3825_1b function| lt3825_2b function| lt3825_3b function| lt3825_4b function| lt3825_5b function| lt3825_7b function| lt3825_8b function| lt3825_9b function| lt3825_6b

21 Cookies

Domain/Path Name / Value
alfa5.nycs.net-freaks.com/ Name: HstCfa4690849
Value: 1678716583875
alfa5.nycs.net-freaks.com/ Name: HstCla4690849
Value: 1678716583875
alfa5.nycs.net-freaks.com/ Name: HstCmu4690849
Value: 1678716583875
alfa5.nycs.net-freaks.com/ Name: HstPn4690849
Value: 1
alfa5.nycs.net-freaks.com/ Name: HstPt4690849
Value: 1
alfa5.nycs.net-freaks.com/ Name: HstCnv4690849
Value: 1
alfa5.nycs.net-freaks.com/ Name: HstCns4690849
Value: 1
.nycs.net-freaks.com/ Name: __dtsu
Value: 6D001678716585B952A594FDD3575DEB
.nycs.net-freaks.com/ Name: lotame_domain_check
Value: nycs.net-freaks.com
.dtscdn.com/ Name: uid
Value: 6D001678716585B952A594FDD3575DEB
.lijit.com/ Name: ljt_reader
Value: GTcxJSZHyVf2h8TBS7Ke1KIz
.onaudience.com/ Name: cookie
Value: aec54213e7c9a12a
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDID
Value: da5d7142-d228-4d03-81f1-35cb537bb8d9
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjo3ezO6vXROxAFOAE.
.onaudience.com/ Name: done_redirects104
Value: 1
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.onaudience.com/ Name: done_redirects219
Value: 1
.linkedin.com/ Name: li_sugr
Value: 6205c5ec-d010-4496-9220-6d89b681df58
.linkedin.com/ Name: bcookie
Value: "v=2&8407cd35-a70e-453e-82fb-9785b588d64f"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2815:u=1:x=1:i=1678716587:t=1678802987:v=2:sig=AQGveNhcvHjhiveu-JcxeFLEl6MNiCYD"

3 Console Messages

Source Level URL
Text
javascript warning URL: http://alfa5.nycs.net-freaks.com/(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.highconvertingformats.com/444c1468f16fef13b22f9d13df81ed13/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://alfa5.nycs.net-freaks.com/(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.highconvertingformats.com/444c1468f16fef13b22f9d13df81ed13/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://www.highconvertingformats.com/444c1468f16fef13b22f9d13df81ed13/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alfa5.nycs.net-freaks.com
ap.lijit.com
dash.nextagc.com
data-beacons.s-onetag.com
e.dtscout.com
get.s-onetag.com
i.liadm.com
match.adsrvr.org
onetag-geo.s-onetag.com
pixel.onaudience.com
px.ads.linkedin.com
s10.histats.com
s4.histats.com
spl.zeotap.com
sync.crwdcntrl.net
t.dtscdn.com
t.dtscout.com
tags.crwdcntrl.net
um.simpli.fi
www.highconvertingformats.com
www.smh.com.au
i.liadm.com
um.simpli.fi
13.250.79.244
149.56.240.132
192.243.59.12
2606:4700:10::6816:1857
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780b
2606:4700:3037::6815:1190
2620:1ec:21::14
2a04:4e42:200::645
35.71.131.137
46.105.201.240
51.222.80.231
51.79.255.219
63.251.14.14
65.8.11.125
65.8.11.78
99.86.178.50
99.86.178.90
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9
2ae2f4d8c9c5f330527a4daaae59fe294e557660c57f677846472666291ffdee
2b7c573bd512aa1a396b6076ec02b1025fd7ae5f5ec6e1a0efa2f7b2008cfed2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3dd5561d9d9cc093883610cbe7db9b3caaef7e640d06ec8225d5a59fd7833c55
472df9abe22b174be06a132837ddb9cf7dcfda2c7674683c4b8426a7ded9dc04
4fc475c72236d86cc5d8516a4afa0102f0b7379203fbde407d20f00e9c9a5dc6
58bb8299d12e5da9f688e2e5b299a4eeaa790c58a47f68275c0d119b98e7c837
6138c33548b55c520e7be9c696926222ceffe319534443e423af32522c72343f
7630b3dd2b6e83a3d5295706cccdddf75013f8a9970435a999f2f0dbb5a579f7
8034cae17fdb6d4038d5b115fdd5421fb72d8208062c69a8947dd3105447b674
80734da2366a80e4924255484fbd46f46f8544fea3c8f93586f47786c4954c5f
8087798ababb1aa83241c68ea2e762a7d639b3256c8270f22434dc891c9643db
829f92421332299bbe3946a9bf45e45a4e794b0d3e3c30a40907daba3251ecf2
8d6d1ea14d365ae5a2e6c65aa8af0a1c5e654717e56d9e104e68d90d91ba5c76
ac275f525f12930c384c7849d73920279cc17f8aff27c4c1ddeec683e34a07f1
af0c28aa7862aaea4535a7b3ed7740dcfc84c0a4f57fe29c4c2635a702d359a7
b49a450fe279df6f7f677197c109fcd4578aa3c0840906d4b622474d4ac0e934
b514dfda64923088ef09c3632688187702123a22e417a7143646de7ab12a25ac
be8d2958c1057285e2e040cf55772b5cf4af6e2eb6d9d371053ec58c9bb55f85
c3ac554741dfb7a3d5c75a01cc0f2c9a84abc87816697afb911d819abc39b289
c9221b2b9d30454344a2f8cabb84ef8ed184a54fef3d952e41e34b6d539cddec
ca7ca95ea00a41be1b9f00bcc54e9dcbbfa2d5f540d626e65644c9f9996868a6
d8cbb84320501e7ba07f1793b7ce865f022a7afc1d4e1c3abd2c9879f12dbf1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fb9c3b8c7657ae2ff8b85860105410994ba2dd9461388484c6f90ab32759ae
f208ee66ef438ef69e4e6534abb98a0470ca4a3a633a22a975717460ba6a2e58
f5d8ef4d01c05ab65fa428ef13b6e0ad8992272baeba1f15bffbc2bbf8647d9a
fff2d638281f9005a2876877c4d92ad4c36e0b72c6df3e5273b88687171429f4