subscribe.afr.com Open in urlscan Pro
2a04:4e42:600::645 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.email.fairfaxmedia.com.au/?qs=df4a0fba4e2611cc5bf09b588c0a0e14e05c43fc5f7922dc100ca940cad457bec4cef5903cb433883e18fd436846...
Effective URL:
https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Submission: On August 23 via api (August 23rd 2021, 2:39:40 am UTC) from SG

Summary HTTP 105 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 36 domains to perform 105 HTTP transactions. The main IP is 2a04:4e42:600::645, located in United States and belongs to FASTLY, US. The main domain is subscribe.afr.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on April 22nd 2021. Valid for: 5 months.

This is the only time subscribe.afr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.231.91.47 66.231.91.47	22606 (EXACT-7) (EXACT-7)
19	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a8::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2 11	13.225.87.53 13.225.87.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.224.102.53 13.224.102.53	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
7	54.171.163.246 54.171.163.246	16509 (AMAZON-02) (AMAZON-02)
1	13.224.95.38 13.224.95.38	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.224.102.55 13.224.102.55	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:8a00:10:2964:9d00:21	16509 (AMAZON-02) (AMAZON-02)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.102.94 13.224.102.94	16509 (AMAZON-02) (AMAZON-02)
2	13.55.151.243 13.55.151.243	16509 (AMAZON-02) (AMAZON-02)
2	52.214.44.171 52.214.44.171	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 2	18.156.147.57 18.156.147.57	16509 (AMAZON-02) (AMAZON-02)
1 1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	52.206.55.189 52.206.55.189	14618 (AMAZON-AES) (AMAZON-AES)
1	34.250.89.160 34.250.89.160	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:659... 2600:1f18:6593:f608:78e4:ddc4:e083:81a6	14618 (AMAZON-AES) (AMAZON-AES)
24	13.224.102.33 13.224.102.33	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	13.224.197.80 13.224.197.80	16509 (AMAZON-02) (AMAZON-02)
2	52.72.27.138 52.72.27.138	14618 (AMAZON-AES) (AMAZON-AES)
1	52.39.24.11 52.39.24.11	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
105	38

1 66.231.91.47 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.virt.exacttarget.com

click.email.fairfaxmedia.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a04:4e42:600::645 (United States)

ASN54113 (FASTLY, US)

subscribe.afr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a8::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.225.87.53 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-53.fra2.r.cloudfront.net

www.myunidays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-53.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.171.163.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-38.zrh50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-55.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:8a00:10:2964:9d00:21 (United States)

ASN16509 (AMAZON-02, US)

d2uhnetoehh304.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.102.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-94.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.55.151.243 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-151-243.ap-southeast-2.compute.amazonaws.com

i.ffx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.44.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-44-171.eu-west-1.compute.amazonaws.com

nd.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.147.57 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

dmpsync.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.55.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-55-189.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.89.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-89-160.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f608:78e4:ddc4:e083:81a6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 13.224.102.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-33.zrh50.r.cloudfront.net

assets1.unidays.world	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.197.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-80.fra2.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.27.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-27-138.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.39.24.11 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-24-11.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	unidays.world assets1.unidays.world	19 KB
19	afr.com subscribe.afr.com	382 KB
11	myunidays.com 2 redirects www.myunidays.com	207 KB
9	demdex.net dpm.demdex.net nd.demdex.net	12 KB
6	doubleclick.net 3 redirects ad.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	117 KB
4	facebook.com www.facebook.com	414 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	facebook.net connect.facebook.net	169 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	93 KB
2	segment.com cdn.segment.com	28 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	529 B
2	3lift.com 2 redirects dmpsync.3lift.com	758 B
2	advertising.com 1 redirects pixel.advertising.com	600 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	ffx.io i.ffx.io	441 B
2	parsely.com cdn.parsely.com p1.parsely.com	26 KB
2	google.de adservice.google.de www.google.de	905 B
2	google.com 1 redirects adservice.google.com www.google.com	850 B
2	typekit.net use.typekit.net p.typekit.net	1 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	segment.io api.segment.io	144 B
1	ytimg.com s.ytimg.com	9 KB
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	886 B
1	pubmatic.com 1 redirects image5.pubmatic.com	348 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	cloudfront.net d2uhnetoehh304.cloudfront.net	30 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagservices.com www.googletagservices.com	25 KB
1	googletagmanager.com www.googletagmanager.com	113 KB
1	cloudflare.com cdnjs.cloudflare.com	14 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	11 KB
1	fairfaxmedia.com.au 1 redirects click.email.fairfaxmedia.com.au	295 B
0	googleapis.com Failed ajax.googleapis.com Failed
105	36

	Domain	Requested by
24	assets1.unidays.world	www.myunidays.com
19	subscribe.afr.com	subscribe.afr.com
11	www.myunidays.com	2 redirects subscribe.afr.com www.myunidays.com
7	dpm.demdex.net	subscribe.afr.com
4	www.facebook.com	subscribe.afr.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	subscribe.afr.com connect.facebook.net
2	errors.client.optimizely.com	cdn.optimizely.com
2	cdn.segment.com	www.myunidays.com cdn.segment.com
2	dmpsync.3lift.com	2 redirects
2	pixel.advertising.com	1 redirects subscribe.afr.com
2	ib.adnxs.com	2 redirects
2	nd.demdex.net	subscribe.afr.com
2	i.ffx.io	d2uhnetoehh304.cloudfront.net
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	px.ads.linkedin.com	2 redirects
2	ad.doubleclick.net	2 redirects
1	www.googleadservices.com	www.myunidays.com
1	api.segment.io	cdn.segment.com
1	s.ytimg.com	www.myunidays.com
1	dmp.v.fwmrm.net	subscribe.afr.com
1	beacon.krxd.net	subscribe.afr.com
1	usermatch.krxd.net	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	image5.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	cm.everesttech.net	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	p1.parsely.com	subscribe.afr.com
1	d2uhnetoehh304.cloudfront.net	subscribe.afr.com
1	www.google.de	subscribe.afr.com
1	www.google.com	subscribe.afr.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	subscribe.afr.com
1	www.linkedin.com	1 redirects
1	cdn.parsely.com	subscribe.afr.com
1	adservice.google.de	subscribe.afr.com
1	adservice.google.com	1 redirects
1	snap.licdn.com	subscribe.afr.com
1	static.hotjar.com	subscribe.afr.com
1	www.googletagservices.com	subscribe.afr.com
1	www.googletagmanager.com	subscribe.afr.com
1	p.typekit.net	use.typekit.net
1	cdnjs.cloudflare.com	subscribe.afr.com
1	cdn.optimizely.com	subscribe.afr.com
1	maxcdn.bootstrapcdn.com	subscribe.afr.com
1	use.typekit.net	subscribe.afr.com
1	click.email.fairfaxmedia.com.au	1 redirects
0	ajax.googleapis.com Failed	subscribe.afr.com
105	50

This site contains links to these domains. Also see Links.

Domain
www.afr.com
login.myfairfax.com.au
support.fairfaxmedia.com.au
subscribers.afr.com

Subject Issuer	Validity	Valid
nine.com.au COMODO RSA Organization Validation Secure Server CA	`2021-04-22` - `2021-09-28`	5 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.myunidays.com Amazon	`2021-02-13` - `2022-03-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.9pub.io Amazon	`2021-07-07` - `2022-08-05`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-07-26` - `2022-01-19`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.unidays.world Amazon	`2021-02-13` - `2022-03-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
errors.client.optimizely.com Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Frame ID: 5ACEDF4E953819085BCF32A6A4AA6B1F
Requests: 54 HTTP requests in this frame

Frame: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Frame ID: 295CC5E378D8C8D1614578F29DDC003D
Requests: 38 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7542086929965.858;~oref=https://subscribe.afr.com/
Frame ID: 535D3FB04D23805F60662363D0E2897A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 26BF0CCAF7E6D17AEB6163F2AACC5081
Requests: 1 HTTP requests in this frame

Frame: https://nd.demdex.net/dest5.html?d_nsid=0
Frame ID: 04E8BC2F183EDD3D8F4CEA51B5DF6648
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Financial Review - Student Subscriptions

Page URL History Show full URLs

http://click.email.fairfaxmedia.com.au/?qs=df4a0fba4e2611cc5bf09b588c0a0e14e05c43fc5f7922dc100ca940cad457bec4cef590... HTTP 302
https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&ut... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

105
Requests

99 %
HTTPS

45 %
IPv6

36
Domains

50
Subdomains

38
IPs

5
Countries

1356 kB
Transfer

3887 kB
Size

19
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.afr.com/
Title:

Search URL Search Domain Scan URL

URL: https://login.myfairfax.com.au/members/lite_session/new?&channel_key=9ME3ACTT4ZYY1fEMfvR2EA&single_use_token=true&callback_uri=http%3A%2F%2Fwww.afr.com
Title: Log in

Search URL Search Domain Scan URL

URL: https://support.fairfaxmedia.com.au/hc/en-gb/requests/new
Title: Find out more

Search URL Search Domain Scan URL

URL: https://www.afr.com/digital-subscription-terms
Title: afr.com/conditions

Search URL Search Domain Scan URL

URL: https://www.afr.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.afr.com/conditions-of-use
Title: Conditions of Use

Search URL Search Domain Scan URL

URL: https://subscribers.afr.com/support-centre/subscription-faqs/
Title: AFR Support Centre

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.email.fairfaxmedia.com.au/?qs=df4a0fba4e2611cc5bf09b588c0a0e14e05c43fc5f7922dc100ca940cad457bec4cef5903cb433883e18fd4368464fe1144e183a63c1abbf HTTP 302
https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.myunidays.com/partners/afr/embedded/online HTTP 303
https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded/online HTTP 307
https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded

Request Chain 30

https://ad.doubleclick.net/ddm/activity/src=6633783;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7542086929965.858 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7542086929965.858 HTTP 302
https://adservice.google.com/ddm/fls/p/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7542086929965.858;~oref=https://subscribe.afr.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7542086929965.858;~oref=https://subscribe.afr.com/

Request Chain 34

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724&time=1629686361437&url=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9724%26time%3D1629686361437%26url%3Dhttps%253A%252F%252Fsubscribe.afr.com%252Fstudent-offer%253Fpromote_channel%253DEM_EM_STU%2526utm_source%253DEmail%2526utm_medium%253DEmail%2526utm_campaign%253DStudent%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724&time=1629686361437&url=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724&time=1629686361437&url=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&liSync=true&e_ipv6=AQI-ks4CmkhUDwAAAXtw4HCTkUS6JiAD4M2tKtUTKOXB9hhefrdEBxVzid_B994ZG0qqaxYN

Request Chain 54

https://cm.everesttech.net/cm/dd?d_uuid=74598879622205479772130166275676649045 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSMKWQAAAHFxfQQf

Request Chain 55

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8930743663496181657

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzQ1OTg4Nzk2MjIyMDU0Nzk3NzIxMzAxNjYyNzU2NzY2NDkwNDU= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFqvHpIBxpebLNBsNtrXpRk&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 57

https://pixel.advertising.com/ups/28/sync?uid=74598879622205479772130166275676649045&_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/28/sync?uid=74598879622205479772130166275676649045&_origin=1&redir=true&verify=true

Request Chain 58

https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s

Request Chain 59

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=74598879622205479772130166275676649045&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Y1LFQEpE2pHvFMCCS.ABsOUGEpSte4q.kGE-~A

Request Chain 60

https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=15160152685677781666&gdpr=0&gdpr_consent=

Request Chain 61

https://usermatch.krxd.net/um/v2?partner=adobe&id=74598879622205479772130166275676649045 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=74598879622205479772130166275676649045

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request student-offer Show response
subscribe.afr.com/
Redirect Chain

http://click.email.fairfaxmedia.com.au/?qs=df4a0fba4e2611cc5bf09b588c0a0e14e05c43fc5f7922dc100ca940cad457bec4cef5903cb433883e18fd4368464fe1144e183a63c1abbf
https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

19 KB
6 KB

32ms
6ms

Document
text/html

2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f83dfd746841a39fcc04f53235b1fda29cea8abedd637e006dc61c5842369777

Request headers

:method: GET
:authority: subscribe.afr.com
:scheme: https
:path: /student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-id-2: 9EH5fgBRQj3qBsLissLDUcOEHlIR2cBmCZZthN62sIZJavWFrVYK4wr4WGl7hNXtKqfN++BfOh0=
x-amz-request-id: CKWBARS9VBT4WTBP
last-modified: Mon, 05 Jul 2021 01:33:05 GMT
x-amz-version-id: GdhngTDxSyqik2XE_PEjtZYnAfsJP5So
etag: "31cbf931d5942aa2f04d32969f3906af"
content-type: text/html
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 23 Aug 2021 02:39:21 GMT
age: 89
x-served-by: cache-syd10139-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
x-cache-hits: 1, 1
vary: Accept-Encoding
content-length: 5591

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Date: Mon, 23 Aug 2021 02:39:20 GMT
Connection: close
Content-Length: 249

GET
H2 200 bootstrap.css
subscribe.afr.com/css/student-subs/ 256 KB
31 KB 7ms
6ms Stylesheet
text/css 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.afr.com/css/student-subs/bootstrap.css
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea024e905868f958ff71db70ee04a973574e1be2bddb906e375616c99c68a050

Request headers

:path: /css/student-subs/bootstrap.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: b7C3ZUHdqUW7YMLoowovXT4Mu8NDWgYQ
content-encoding: gzip
etag: "74371d0be9560ce0302dd1a17e8d5e2b"
age: 88
x-cache: HIT, HIT
content-length: 31716
x-amz-id-2: G+MwWn1GXHeN4saEuQGCgPxRju/zQsmpImlFiefC10Ted6HOs+QoPHyg2CzJRPsQd9ibYtTmyyA=
x-served-by: cache-syd10126-SYD, cache-fra19138-FRA
last-modified: Mon, 05 Jul 2021 01:32:59 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:39:21 GMT
vary: Accept-Encoding
x-amz-request-id: Y2FJ0VZ63V88MSYM
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1, 1

GET
H2 200 main.css
subscribe.afr.com/css/student-subs/ 41 KB
7 KB 6ms
6ms Stylesheet
text/css 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.afr.com/css/student-subs/main.css
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7df7e875d8af8045e6a13f95023445c64892602f89f7e20a9b1fbdd6135f888

Request headers

:path: /css/student-subs/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iLbFVm9TU9zCrzOGtBArFEj.PE_cow81
content-encoding: gzip
etag: "6fe8839751323de358139e90ff1fb462"
age: 88
x-cache: HIT, HIT
content-length: 7206
x-amz-id-2: cBaomXrP5lvEozhG9LvCINrGi5fJfoxfE0RMOGAHJyGf8e9NEywCqVWoj5U963bY1ooHK2mPG/k=
x-served-by: cache-syd10127-SYD, cache-fra19138-FRA
last-modified: Mon, 05 Jul 2021 01:32:59 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:39:21 GMT
vary: Accept-Encoding
x-amz-request-id: DA59Q05J0V3E4ZC0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1, 1

GET
H2 200 rny3etf.css
use.typekit.net/ 6 KB
1 KB 26ms
13ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/rny3etf.css

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ea532f797f9721e03a2638c72fb78f66e6760139b9c4b45c331527cf3de05a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 23 Aug 2021 02:39:21 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 895

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 32ms
15ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://subscribe.afr.com
Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752, 617, 617, 617, 617, 617, 617, 617, 617, 617
age: 4071733
cdn-cachedat: 2021-06-20 12:44:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ff57e22b98fca22775721454de250920
cf-ray: 6830f84dc8f54eb6-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.main.js Show response
subscribe.afr.com/js/student-subs/ 21 KB
5 KB 6ms
6ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.afr.com/js/student-subs/jquery.main.js
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b27e284f97b57cae4ae695e19a39059281efd60e7baccda6763bbf842b6957d

Request headers

:path: /js/student-subs/jquery.main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: S2VL19YexOEwq6MAvzl.27S8IN1PPV.C
content-encoding: gzip
etag: "a7da61108c23d6f578635a6bf12f3b9d"
age: 88
x-cache: HIT, HIT
content-length: 5055
x-amz-id-2: H9HOakk8inTAZK7qSfMg2FUcS1TtJCfGoS+ihWnTuCYADavJYHlmqsjzE/wx2irFwPxORLpN7Fc=
x-served-by: cache-syd10157-SYD, cache-fra19138-FRA
last-modified: Mon, 05 Jul 2021 01:33:05 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:39:21 GMT
vary: Accept-Encoding
x-amz-request-id: 5Q5CQ6V08BASK3QH
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 1

GET
H2 200 13780390039.js Show response
cdn.optimizely.com/js/ 304 KB
93 KB 23ms
9ms Script
text/javascript 2a02:26f0:6c00:2a8::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/13780390039.js

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a8::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8fffdb94ce839d933a9662f9cf65542901cd0ce438fa4b6c292b1a15ada21495

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: zIf2IUTlIXqZDT0z0OZK8XG.TukjyEvA
content-encoding: gzip
etag: "bb9abb48bc07a0aca25acda404ad9bc9"
x-amz-request-id: VENP3D7JK6H326DS
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2843
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a8::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 93821
x-amz-id-2: 8/piYT06vzIGRn1YnVdlFlgIaoJhCdIyJz0O/L1v5EL3k3NopUEHaukxibLQPT3YPMtqYPbFBms=
last-modified: Wed, 18 Aug 2021 15:01:18 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:39:21 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 mobile-detect.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.4.4/ 38 KB
14 KB 39ms
39ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.4.4/mobile-detect.min.js

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2664172
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13867
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f25-981e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwlOtO4MibCPf2lwcxqoX7cNUOwEkb8USDEFEVOvOYt9I0QkjIflJ99EvpyYgLngDggACYtWdNRgIF%2F%2BbMaox62ujkhWZcbO8rbbNP%2FgyeHXmy51i%2FLYoIE8KY8ipGJiI%2B7mYFTQBPaIubnqNe3TRk59"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6830f84d6a72dfa5-FRA
expires: Sat, 13 Aug 2022 02:39:21 GMT

GET
H2 200 modal-close.png
subscribe.afr.com/img/student-subs/ 1 KB
2 KB 9ms
7ms Image
image/png 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/modal-close.png
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 840e190f769073fc9afa86b2bf84c4a6e7a0ffa73efe1f8443c4b7af311d0b74

Request headers

:path: /img/student-subs/modal-close.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uZ6ql888I83_vVrFrZGStXMQchJ2kJQy
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:04 GMT
server: AmazonS3
age: 88
etag: "fb201cece9f929bfb8f12a0b4923bdc7"
x-served-by: cache-syd10154-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: image/png
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 1281
accept-ranges: bytes
x-amz-request-id: 4VTXHTQ57JXRR0H9
x-amz-id-2: 1HxZangoVmcN/e7Z/V3ReoDJjEInwyh0KG0/IELjiaUHEZRtGxSbTPX0ka9U3tCtpLPj1T4hL1s=
x-cache-hits: 1, 1

GET
H2 200 logo-afr.svg
subscribe.afr.com/img/student-subs/ 10 KB
4 KB 11ms
9ms Image
image/svg+xml 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/logo-afr.svg
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2261e76a961e2a746faef45da07399665bd66da4d05fb7637d12d75960346e53

Request headers

:path: /img/student-subs/logo-afr.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 16dwV4m0j8zAhQzxOdtoGU_7EG1.x0jP
content-encoding: gzip
etag: "a30e6ba73a74e8d8f83f78efa5424836"
age: 88
x-cache: HIT, HIT
content-length: 3869
x-amz-id-2: 01B/ka1SDqj84+WicxCAwvKpk15QK/HmP4+hAJVuY87lZdKV7mCFKHs4P0aQcieQmdDdq8I4Xok=
x-served-by: cache-syd10123-SYD, cache-fra19138-FRA
last-modified: Tue, 29 Jun 2021 03:41:15 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:39:21 GMT
vary: Accept-Encoding
x-amz-request-id: SNQBK5YTE073QR8G
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1, 1

GET
H2 200 tick.svg
subscribe.afr.com/img/student-subs/ 247 B
530 B 10ms
8ms Image
image/svg+xml 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/tick.svg
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d308a45c672c17e1de57520b35c0b41e415b52145ac86528ce0c90651082c34

Request headers

:path: /img/student-subs/tick.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .XSPFG7B8U24Ek3guFvupkLoS2Uwk_Va
content-encoding: gzip
etag: "760c34a9db7f14acf0c439eab0f48cb0"
age: 88
x-cache: HIT, HIT
content-length: 195
x-amz-id-2: wrASFWxN7fekl49eoEQA1c6E6qAsCX7/4Rx29/w5vEUku6mESO1f/fcetDHjdzV6lvE2cLOAQUM=
x-served-by: cache-syd10146-SYD, cache-fra19138-FRA
last-modified: Mon, 05 Jul 2021 01:33:04 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:39:21 GMT
vary: Accept-Encoding
x-amz-request-id: F11MSJS01J5DDFQF
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1, 1

GET
H2 200 tile-1.png
subscribe.afr.com/img/student-subs/ 4 KB
4 KB 10ms
8ms Image
image/png 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/tile-1.png
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eb370958ebfda49da350a47b04991745dcfdcebca2208353ad413f6c8a65ef4

Request headers

:path: /img/student-subs/tile-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RNAgOfxL3MlAJQG8XqaCp.bXaz5TMPrl
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:04 GMT
server: AmazonS3
age: 88
etag: "64c2967dcf2e337f3a9423693e67ab60"
x-served-by: cache-syd10182-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: image/png
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 4161
accept-ranges: bytes
x-amz-request-id: Z1YKK0EHJ859AH7Y
x-amz-id-2: 9lqcHGUPtlLUAQmAxRmEtYZy0ZwXvex23x0YzVwdlAZVj7n5aMKnUFWg4qoViRGDs05gqh1h0CI=
x-cache-hits: 1, 1

GET
H2 200 tile-2.png
subscribe.afr.com/img/student-subs/ 26 KB
27 KB 10ms
8ms Image
image/png 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/tile-2.png
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: add2498fa07e98579a6f4e00bc335fc7310cd0be026e14a9f51d2a82a7d099f2

Request headers

:path: /img/student-subs/tile-2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: T9osKJRW7mhhKzcySEMLj7DBHpi9ugDa
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:04 GMT
server: AmazonS3
age: 88
etag: "8bfe3d56f2d68a1091282acf8d56c016"
x-served-by: cache-syd10137-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: image/png
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 27105
accept-ranges: bytes
x-amz-request-id: F1AKN2XCTQ4F7RF5
x-amz-id-2: POjZ4WYFXkxlGp7WCSUn98lq2z2/4d18jCTRRqrLV2QSf7mvC8Q/C3qL1qIzrbyfR5uY95UEcfk=
x-cache-hits: 1, 1

GET
H2 200 tile-3.png
subscribe.afr.com/img/student-subs/ 5 KB
5 KB 9ms
8ms Image
image/png 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/tile-3.png
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9facd244c85f5b24aa12ada5789efd202c3c467e28768c9a19ea07a22c6ecd89

Request headers

:path: /img/student-subs/tile-3.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wCw2o9mnikW7yVAz3wIvPULL04rJ2i.6
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:04 GMT
server: AmazonS3
age: 88
etag: "3b79541baa9ac8e323b42287e36d00ea"
x-served-by: cache-syd10162-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: image/png
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 5390
accept-ranges: bytes
x-amz-request-id: BTH57SRZ0385PJM8
x-amz-id-2: GEASXW+tlzfbs+32yagto3yb4UAqqMKjg4sAOw4s35QB5X0TcsxUPen8YIWLIK7+6qZyZJppPlQ=
x-cache-hits: 1, 1

GET
H2 200 tile-4.png
subscribe.afr.com/img/student-subs/ 24 KB
24 KB 9ms
7ms Image
image/png 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/tile-4.png
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c59dc3d16a8d10f28848406e948ba04ee674fd143e6dcda09449bf17e0d41e2

Request headers

:path: /img/student-subs/tile-4.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UDo_t7_IlKgZd0.wJcfr_X70cw4o3uES
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:04 GMT
server: AmazonS3
age: 88
etag: "c3e45bdd737f18b899cb04fdae6cf1c7"
x-served-by: cache-syd10168-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: image/png
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 24540
accept-ranges: bytes
x-amz-request-id: JCXKBDQ6MQD196JG
x-amz-id-2: I/VDcMlb0H31BP3DroHYqoEOytOxdogYx8pzGqZys3WyuyMhuTha3kOSpD1I0x58F6nWrhyPqi8=
x-cache-hits: 1, 1

GET
H2 200 mid-section-image.png
subscribe.afr.com/img/student-subs/ 51 KB
51 KB 15ms
13ms Image
image/png 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/mid-section-image.png
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c18ccb2ad7ce85961fe227743a7d56bbd0509f0ac9907c83c6ff69a395d485ce

Request headers

:path: /img/student-subs/mid-section-image.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0pHANNnDC7_ku1L.NGElwHrOFoI._bSD
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:04 GMT
server: AmazonS3
age: 88
etag: "c06194819298e446b13d058557aa0df1"
x-served-by: cache-syd10179-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: image/png
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 52050
accept-ranges: bytes
x-amz-request-id: W082BARYGVZKPH2D
x-amz-id-2: 6e8IFs+xqB7Fk+1vBsZPxmYVcjlHWfihlfvDmKdwWgvLDtzEsIpMShmR5wsb3Vo/XmZrRh4i9mI=
x-cache-hits: 1, 1

GET
H2 200 arrow.svg
subscribe.afr.com/img/student-subs/ 199 B
496 B 14ms
13ms Image
image/svg+xml 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/arrow.svg
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 791e4f941145a2c7471642a6a00ff0a3e7a6ed7657cc7198d09149fbfe61128e

Request headers

:path: /img/student-subs/arrow.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: mmnXbxTAwZFGvvV2f3OKVXRz6fuB.VqH
content-encoding: gzip
etag: "9f878b02f50d143e1d3d1a154f9951ad"
age: 88
x-cache: HIT, HIT
content-length: 158
x-amz-id-2: qac6Y+pg55sIwHgku9RnCvANCThURTgmNel18A0cuhQaFnlALtb7VCemU1cYigW68HbsL8M+6WU=
x-served-by: cache-syd10178-SYD, cache-fra19138-FRA
last-modified: Mon, 05 Jul 2021 01:33:04 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:39:21 GMT
vary: Accept-Encoding
x-amz-request-id: Y2FNP49NG2TJF53T
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1, 1

GET
H2 200 footer-image-desktop.png
subscribe.afr.com/img/student-subs/ 104 KB
104 KB 14ms
13ms Image
image/png 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.afr.com/img/student-subs/footer-image-desktop.png
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20e08f02a0165efa2536cc70de0162691357f3ab5b4ea262d91c98cd47c0b78e

Request headers

:path: /img/student-subs/footer-image-desktop.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HcYv5nmjuUuf4bBrnKaXyAqiF2lEBm9K
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:04 GMT
server: AmazonS3
age: 88
etag: "45597a05d20b062d49a9b51b7ec01469"
x-served-by: cache-syd10142-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: image/png
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 106591
accept-ranges: bytes
x-amz-request-id: XB5680P5C5DG9E96
x-amz-id-2: KWuG52OJaWUsFIRcXCZm+mo/frc5P5CzykRuilEk1cqz00wkIe5BLpSXnvq4pBsm3tilc2j7nZ4=
x-cache-hits: 1, 1

GET jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 0
0

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 21ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=rny3etf&ht=tk&f=6958.6959.6960.6961.22660.22667.22668.22670&a=6178811&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/rny3etf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:21 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 jquery-3.3.1.min.js Show response
subscribe.afr.com/js/student-subs/ 85 KB
30 KB 14ms
13ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.afr.com/js/student-subs/jquery-3.3.1.min.js
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

:path: /js/student-subs/jquery-3.3.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JYZJOIjWngBC4ZWRIKB5vB2YWE6MM9we
content-encoding: gzip
etag: "4b57cf46dc8cb95c4cca54afc85e9540"
age: 88
x-cache: HIT, HIT
content-length: 30348
x-amz-id-2: akKw7yJ0fw4rED5CRmfPtBjMIQMookv5txo7K8w+QownsMCSv1ZUS5wZieDKmZOBib2s3bxmxfM=
x-served-by: cache-syd10177-SYD, cache-fra19138-FRA
last-modified: Mon, 05 Jul 2021 01:33:05 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:39:21 GMT
vary: Accept-Encoding
x-amz-request-id: 94875T3V74SEW3SP
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 412 KB
113 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PCVVS3R

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd67b2a939bdcf5838f599dc1aaadd26dd5545c76945170ed5d6dab0af721965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115927
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Aug 2021 02:39:21 GMT

GET
H2

200

embedded Show response
www.myunidays.com/CZ/cs-CZ/partners/afr/ Frame 295C
Redirect Chain

https://www.myunidays.com/partners/afr/embedded/online
https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded/online
https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded

28 KB
7 KB

835ms
834ms

Document
text/html

13.225.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-53.fra2.r.cloudfront.net

Software

Resource Hash

e4a14e62effaf30747f000221f50904e4b80e49b65453ac931faad7089f0b530

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

:method: GET
:authority: www.myunidays.com
:scheme: https
:path: /CZ/cs-CZ/partners/afr/embedded
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subscribe.afr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: UD.TID=325dcc57-d39a-41c8-bc31-74cecd33fec5; temp={"clear-account-cache":"true"}
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subscribe.afr.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 6454
date: Mon, 23 Aug 2021 02:39:23 GMT
cache-control: private, no-store
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 02:39:23 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
strict-transport-security: max-age=86400; includeSubDomains
link: <https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded>; rel="canonical"
content-security-policy-report-only: default-src 'none'; base-uri 'none' ; frame-src 'self' *.unidays.world *.facebook.com *.twitter.com *.doubleclick.net *.youtube.com *.google.com *.snapchat.com; connect-src 'self' *.myunidays.com *.myunidays.com *.adzerk.net https://api.segment.io https://cdn.segment.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com https://www.google.com ; font-src 'self' data: https: ; img-src 'self' data: https: ; media-src 'self' *.unidays.world *.googleapis.com ;script-src 'self' https: 'strict-dynamic' 'unsafe-inline' 'nonce-GlvalFjpAUm3gs0dxLRA2A==' 'sha256-NKhnn/LF4NM+OGllFKE0IOezoJ9y0ugdwHMYlv4C0mw=' 'sha256-23hpOwCCO4hl+g7mqtG4W6iEPkvgZ3JjhT9ztKqkfB8=' 'sha256-SiSpQtoSm3gYHCiSdO7bIdwk6nuhuKyKx6I638RpVMs=' ; style-src 'self' 'unsafe-inline' https: ;
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: hhCBEzpckdB4kULbJPtQ4RDmUTZyNyDS6X02vaHph9E5uZIbUMLIjw==

Redirect headers

content-length: 0
date: Mon, 23 Aug 2021 02:39:22 GMT
cache-control: private, no-store
last-modified: Mon, 23 Aug 2021 02:39:22 GMT
location: /CZ/cs-CZ/partners/afr/embedded
access-control-allow-credentials: true
access-control-max-age: 3600
strict-transport-security: max-age=86400; includeSubDomains
link: <https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded/online>; rel="canonical"
x-cache: Miss from cloudfront
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: AG_PZd3zOaLgEp5cddcctRLHBLg-JdIF1TPKyaUf4X_GmiZnfi4B5w==

GET
H2 200 suecanano-regular-webfont.woff2
subscribe.afr.com/fonts/student-subs/ 18 KB
18 KB 13ms
9ms Font
binary/octet-stream 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.afr.com/fonts/student-subs/suecanano-regular-webfont.woff2
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/css/student-subs/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a44fb6a26732b7892f2802aee69fb0413ecd26b508b5c79720a48c485f4889ee

Request headers

:path: /fonts/student-subs/suecanano-regular-webfont.woff2
pragma: no-cache
origin: https://subscribe.afr.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/css/student-subs/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://subscribe.afr.com
Referer: https://subscribe.afr.com/css/student-subs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZVDnDE8Q4OS5K5dwsrfGI3pW_7LowNk9
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:00 GMT
server: AmazonS3
age: 88
etag: "5be59096d206dea670da7cda2da2b870"
x-served-by: cache-syd10170-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: binary/octet-stream
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 18020
accept-ranges: bytes
x-amz-request-id: 04D752EC4Z3X9GAB
x-amz-id-2: dP7pZw8BOSMqYE19Q7QyxRVW/+zQzSUHNANa4W6KwmU4e7Mrst6QP3rlFYK5DV++TVzyFhgQAwk=
x-cache-hits: 1, 1

GET
H2 200 suecanano-semibold-webfont.woff2
subscribe.afr.com/fonts/student-subs/ 17 KB
18 KB 15ms
10ms Font
binary/octet-stream 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.afr.com/fonts/student-subs/suecanano-semibold-webfont.woff2
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/css/student-subs/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85b23ef2b5d148948a0e393c8af051177f818b7fb18cda003998916666caabee

Request headers

:path: /fonts/student-subs/suecanano-semibold-webfont.woff2
pragma: no-cache
origin: https://subscribe.afr.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/css/student-subs/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://subscribe.afr.com
Referer: https://subscribe.afr.com/css/student-subs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NWiW2VIK3jgQ9oZ57yYphh0veW_lT5XC
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:00 GMT
server: AmazonS3
age: 88
etag: "6798d8423ffc70a05247af33552f581a"
x-served-by: cache-syd10136-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: binary/octet-stream
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 17904
accept-ranges: bytes
x-amz-request-id: G1G0BRVP266EWEVR
x-amz-id-2: rq8yq7GVmYwtKZK1KJKlylOozlnLgA/g/F4SpJp8pe2M8WmKHZFTWbIPNNQx0vYfdqU0oHbLOYs=
x-cache-hits: 1, 1

GET
H2 200 suecahd-bold-webfont.woff2
subscribe.afr.com/fonts/student-subs/ 22 KB
22 KB 14ms
10ms Font
binary/octet-stream 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.afr.com/fonts/student-subs/suecahd-bold-webfont.woff2
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/css/student-subs/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f1b3c20947609880fa669248919d46ad2b26b995cd8f7e2f3d764dff3e47bdb

Request headers

:path: /fonts/student-subs/suecahd-bold-webfont.woff2
pragma: no-cache
origin: https://subscribe.afr.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/css/student-subs/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://subscribe.afr.com
Referer: https://subscribe.afr.com/css/student-subs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Uap8leaLIsjo1osJc8d2aT9.HLqbn1fL
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:00 GMT
server: AmazonS3
age: 88
etag: "b8130ab9e3a08fc5a647a7feafb2a87b"
x-served-by: cache-syd10183-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: binary/octet-stream
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 22596
accept-ranges: bytes
x-amz-request-id: JPJA8VXMSGHANSJX
x-amz-id-2: dRbHHR0Sq8aTSoWjUWXhOBRknnKeapFiX8TX0DJt28uMUGGj1Qu4H3gHvsiRAYmvTNW5kOk88cM=
x-cache-hits: 1, 1

GET
H2 200 suecahd-regular-webfont.woff2
subscribe.afr.com/fonts/student-subs/ 22 KB
23 KB 13ms
9ms Font
binary/octet-stream 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.afr.com/fonts/student-subs/suecahd-regular-webfont.woff2
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/css/student-subs/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 338140f080782dd9fc999b9c240cde15f599e7ffd10b3fd3d9085717d38ad8d3

Request headers

:path: /fonts/student-subs/suecahd-regular-webfont.woff2
pragma: no-cache
origin: https://subscribe.afr.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: subscribe.afr.com
referer: https://subscribe.afr.com/css/student-subs/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://subscribe.afr.com
Referer: https://subscribe.afr.com/css/student-subs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3srLVZ3V8XTOTRA323IUZWRfFWJNg1p8
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 05 Jul 2021 01:33:00 GMT
server: AmazonS3
age: 88
etag: "6c9be7a6acb172ea99e7c7e6f6b1b398"
x-served-by: cache-syd10139-SYD, cache-fra19138-FRA
x-cache: HIT, HIT
content-type: binary/octet-stream
date: Mon, 23 Aug 2021 02:39:21 GMT
content-length: 22968
accept-ranges: bytes
x-amz-request-id: 8QE1KVG2DZ98PN8F
x-amz-id-2: 5jrdUrfkw0GtE4uGnhpMihx0BCh3+6CNc3fUt+V7nvA3cmVlDO4BFGRi4/DiXgwQWT4UQ0uEknE=
x-cache-hits: 1, 1

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 72 KB
25 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c32c5d6d22c9d33c9e999a11ba72102f18ee813f019d742de86778bda72a0b02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "967 / 21 of 1000 / last-modified: 1629497315"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25315
x-xss-protection: 0
expires: Mon, 23 Aug 2021 02:39:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: jQZ/dI/XBImqWnwwRPVsXCAkW5lpxgQFMvv92VNPzIgvL2efF+xm5Uv5YmHSG06mrlRwNr2WjhNZUb5QHGl9hw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 23 Aug 2021 02:39:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-182799.js Show response
static.hotjar.com/c/ 6 KB
3 KB 91ms
30ms Script
application/javascript 13.224.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-182799.js?sv=6

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-53.zrh50.r.cloudfront.net

Software

Resource Hash

259db7fdbc5eb51676d9db90d2f74925e2734325387e25c51fdf7aa991510257

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 28
etag: W/136defce4dd0e453b05db27b32d2610a
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: kkmGY560esTf8bTndHbWekjAakAU4IOQ-hB19bt5XMkSwdYNM6CSDA==
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 02:39:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=15019
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2

200

/ Show response
adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEm... Frame 535D
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=6633783;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail...
https://ad.doubleclick.net/ddm/activity/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_s...
https://adservice.google.com/ddm/fls/p/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_so...
https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_sou...

42 B
798 B

38ms
18ms

Document
image/gif

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7542086929965.858;~oref=https://subscribe.afr.com/

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/p/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7542086929965.858;~oref=https://subscribe.afr.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subscribe.afr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subscribe.afr.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 23 Aug 2021 02:39:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 23 Aug 2021 02:39:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJiuseWOxvICFdGBsgodF_YJkA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7542086929965.858;~oref=https://subscribe.afr.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCVVS3R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3767
date: Mon, 23 Aug 2021 01:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 23 Aug 2021 03:36:34 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 237ms
61ms XHR
application/json 54.171.163.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=50AB0C3A53DB1B290A490D4D%40AdobeOrg&d_nsid=0&ts=1629686361428

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.163.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

071b65a50ec1f739b4e0fc463ad77355d7fb00963e4cf2ec188741ab06f4e28c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v014-00ed441c2.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: UFkgJ0KwTaw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://subscribe.afr.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 796
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 p.js Show response
cdn.parsely.com/keys/afr.com/ 71 KB
25 KB 97ms
35ms Script
application/javascript 13.224.95.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/afr.com/p.js
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-38.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 65048f3a5caf412e3f86a0a830266c0ecc0e604aeadee4399dd7457374152153

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Aug 2021 00:09:59 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 18:08:50 GMT
server: nginx
age: 9001
etag: W/"60ca3e32-11d98"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: I9anQmCDGbp-GEt7uVXmLcZhQ3cKnWaU77aK55Eplg2UFyb3EOhXzg==
expires: Tue, 24 Aug 2021 00:09:20 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724&time=1629686361437&url=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmai...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9724%26time%3D1629686361437%26url%3Dhttps%253A%252F%252Fsubscribe.afr.com%252Fstu...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724&time=1629686361437&url=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmai...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724&time=1629686361437&url=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEma...

0
155 B

640ms
406ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724&time=1629686361437&url=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&liSync=true&e_ipv6=AQI-ks4CmkhUDwAAAXtw4HCTkUS6JiAD4M2tKtUTKOXB9hhefrdEBxVzid_B994ZG0qqaxYN
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:22 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: Glo6xBzPnRYguEFhdysAAA==

Redirect headers

date: Mon, 23 Aug 2021 02:39:22 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724&time=1629686361437&url=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&liSync=true&e_ipv6=AQI-ks4CmkhUDwAAAXtw4HCTkUS6JiAD4M2tKtUTKOXB9hhefrdEBxVzid_B994ZG0qqaxYN
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: AlpkrBzPnRYQLa+v1ioAAA==

GET
H3-29 200 953970877989909 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/953970877989909?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a35f62823163162659645803ea69c2a846ac3bbdc906cbbdb8e66851490416f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73386
x-xss-protection: 0
pragma: public
x-fb-debug: zM+SInW4XOb4FnS9ZYiKFSs73niBYmygGy8K1ZNwBzrFDz0MFu//kmkOIt/wtujrXI4OxH3t/N5XMg5KVxlMLg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 23 Aug 2021 02:39:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 01:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3443
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 23 Aug 2021 02:41:58 GMT

GET
H2 200 pubads_impl_2021081701.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
115 KB 111ms
40ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Aug 2021 08:38:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117161
x-xss-protection: 0
expires: Mon, 23 Aug 2021 02:39:21 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 130 B
758 B 111ms
41ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=subscribe.afr.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8c200053c7c4e75f4108422bd7dff90393aa461bf38cf606252a73f42ec1e3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Aug 2021 02:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101
x-xss-protection: 0
expires: Mon, 23 Aug 2021 02:39:21 GMT

GET
H3-29 200 1655917147996122 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1655917147996122?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b95b00c192fc8bea51016abc2163ed43bbd79098b5509d19a552089b4b204eba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: yfBcTy12/QT3I8lct/BWWEDVwv1xVuwsc+EnAiEoV2mG6pp/eNuYiBuoGkpx3CZIX3zkzFC7WjF6+kw6c4rX1g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 23 Aug 2021 02:39:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=953970877989909&ev=PageView&dl=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&rl=&if=false&ts=1629686361485&cd[brand]=(not%20set)&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629686361484.339883209&it=1629686361445&coo=false&rqm=GET

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 23 Aug 2021 02:39:21 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 12ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=295804832&t=pageview&_s=1&dl=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&ul=en-us&de=UTF-8&dt=Subscription%20bundles%20selection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALAAAAAC~&jid=625292378&gjid=658235948&cid=878178528.1629686361&tid=UA-91053368-8&_gid=1975285915.1629686361&_r=1&gtm=2wg8i0PCVVS3R&cd1=afr&cd2=2020-02-03T00%3A00%3A07.000Z&cd3=2020-02-03T00%3A01%3A22.000Z&cd4=(not%20set)&cd5=WEB&cd6=53EA8744-7785-4E91-B37A-5685F3FFF0B6&cd7=bundles&cd8=Myfairfax&cd9=Subscriber%20Hub&cd10=myffx&cd12=false&cd21=Subs%20%26%20Growth&cd27=(not%20set)&cd30=bundles&cd40=desktop&cd42=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&cd46=Subscription%20bundles%20selection&cd48=EM_EM_STU&cd54=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&promo1id=EM_EM_STU&promo1nm=&promo1cr=&promo1ps=&z=1264483014

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 02:39:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.afr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e763089bec9f2503d752.js Show response
script.hotjar.com/ 221 KB
59 KB 95ms
35ms Script
application/javascript 13.224.102.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e763089bec9f2503d752.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-182799.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-55.zrh50.r.cloudfront.net

Software

Resource Hash

b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 10:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 403636
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59555
access-control-allow-origin: *
last-modified: Wed, 18 Aug 2021 10:31:58 GMT
etag: "59b0bd2bf71a6ea4a84151c51b91fba8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: CgbfXw17e0hx71U7cr1w6Xu7XZrmvKBYlYKouAvKPiIJLQStFDBFQQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-91053368-8&cid=878178528.1629686361&jid=625292378&gjid=658235948&_gid=1975285915.1629686361&_u=aGBAAEAKAAAAAC~&z=476226620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 23 Aug 2021 02:39:21 GMT
content-type: text/plain
access-control-allow-origin: https://subscribe.afr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-91053368-8&cid=878178528.1629686361&jid=625292378&_u=aGBAAEAKAAAAAC~&z=2141415561

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 02:39:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-91053368-8&cid=878178528.1629686361&jid=625292378&_u=aGBAAEAKAAAAAC~&z=2141415561

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 02:39:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.js Show response
d2uhnetoehh304.cloudfront.net/2.11.0-patched/ 97 KB
30 KB 61ms
13ms Script
application/javascript 2600:9000:21f3:8a00:10:2964:9d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:8a00:10:2964:9d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3c78596628f7e53c40bbfd0e9eed225181c4c2933a6e051e8fa46c30b221d1f

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 23:48:38 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 01:09:01 GMT
server: AmazonS3
age: 2343044
etag: W/"80b7ca5bd7a7e17f33545663b8f8423f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 8-vymgjOKKuwjuwlHdryLjI2l2jq1nvDooq366Sdc9ACkT7aPH3hFg==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 487ms
121ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1629686361552&plid=12298775&idsite=afr.com&url=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_pageviewID%22%3A%2253EA8744-7785-4E91-B37A-5685F3FFF0B6%22%2C%22user_engagement%22%3A%22not+available%22%7D&sid=1&surl=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&sref=&sts=1629686361548&slts=0&title=Financial+Review+-+Student+Subscriptions&date=Mon+Aug+23+2021+04%3A39%3A21+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=61008558&u=pid%3D844cd88af41662c6248f043026f55a90
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 02:39:21 GMT
Cache-Control: no-cache
Last-Modified: Monday, 23-Aug-2021 02:39:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 26BF 2 KB
1 KB 91ms
29ms Document
text/html 13.224.102.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-182799.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-94.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://subscribe.afr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subscribe.afr.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: O4x6UaQueE11eJlsYbwZ1T9084zA002wscDHk2f6dXTuNRBtaoxEgA==
age: 3118971

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1655917147996122&ev=PageView&dl=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&rl=&if=false&ts=1629686361578&cd[brand]=(not%20set)&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629686361484.339883209&it=1629686361445&coo=false&rqm=GET

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 23 Aug 2021 02:39:21 GMT

OPTIONS
H/1.1 200
OK tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 0
0 1260ms
312ms Preflight 13.55.151.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Server: 13.55.151.243 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-55-151-243.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://subscribe.afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://subscribe.afr.com
Date: Mon, 23 Aug 2021 02:39:22 GMT
Server: akka-http/10.0.9
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK tp2 Show response
i.ffx.io/com.snowplowanalytics.snowplow/ 2 B
441 B 1260ms
315ms XHR
text/plain 13.55.151.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.55.151.243 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-55-151-243.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 02:39:23 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://subscribe.afr.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

GET
H/1.1 200
OK dest5.html Show response
nd.demdex.net/ Frame 04E8 7 KB
3 KB 222ms
55ms Document
text/html 52.214.44.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.demdex.net/dest5.html?d_nsid=0

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.44.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-44-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: nd.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://subscribe.afr.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=74598879622205479772130166275676649045
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://subscribe.afr.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 23 Aug 2021 02:39:21 GMT
DCS: dcs-prod-irl1-1-v014-0b374424a.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 20 Aug 2021 11:53:50 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: h0ahdKTQRsU=
Content-Length: 2791
Connection: keep-alive

POST
H/1.1 200
OK event Show response
nd.demdex.net/ 2 KB
1 KB 238ms
64ms XHR
application/json 52.214.44.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.demdex.net/event?_ts=1629686361430

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.44.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-44-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

91128655e9af98045035d85d46df0be8e62259deac66848a63e10480b0e7418f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v014-0916797f4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: cobz0abzRg4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://subscribe.afr.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 668
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YSMKWQAAAHFxfQQf
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=74598879622205479772130166275676649045
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSMKWQAAAHFxfQQf

42 B
945 B

63ms
63ms

Image
image/gif

54.171.163.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSMKWQAAAHFxfQQf

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.163.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v014-09ed448bb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: L6cpJ8w2S18=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YSMKWQAAAHFxfQQf
Date: Mon, 23 Aug 2021 02:39:21 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=8930743663496181657
dpm.demdex.net/ Frame 04E8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8930743663496181657

42 B
951 B

60ms
60ms

Image
image/gif

54.171.163.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=8930743663496181657

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.163.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v019-0d3551492.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EDn6eiHUQDs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 23 Aug 2021 02:39:21 GMT
X-Proxy-Origin: 89.238.186.92; 89.238.186.92; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9ecbbffd-2144-4e6c-8125-e9007eca52f3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=8930743663496181657
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEFqvHpIBxpebLNBsNtrXpRk&google_cver=1
dpm.demdex.net/ Frame 04E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzQ1OTg4Nzk2MjIyMDU0Nzk3NzIxMzAxNjYyNzU2NzY2NDkwNDU=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFqvHpIBxpebLNBsNtrXpRk&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

61ms
61ms

Image
image/gif

54.171.163.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFqvHpIBxpebLNBsNtrXpRk&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.163.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v014-08ff900a0.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bsAIF6m4R0o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 23 Aug 2021 02:39:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFqvHpIBxpebLNBsNtrXpRk&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

sync
pixel.advertising.com/ups/28/ Frame 04E8
Redirect Chain

https://pixel.advertising.com/ups/28/sync?uid=74598879622205479772130166275676649045&_origin=1&redir=true
https://pixel.advertising.com/ups/28/sync?uid=74598879622205479772130166275676649045&_origin=1&redir=true&verify=true

0
254 B

33ms
33ms

Image
text/plain

18.156.147.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/28/sync?uid=74598879622205479772130166275676649045&_origin=1&redir=true&verify=true

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.156.147.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-147-57.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:22 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/28/sync?uid=74598879622205479772130166275676649045&_origin=1&redir=true&verify=true
date: Mon, 23 Aug 2021 02:39:22 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame 04E8
Redirect Chain

https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s

42 B
963 B

133ms
61ms

Image
image/gif

54.171.163.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.163.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v014-0cc77c74c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: XDS4DLplS30=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 23 Aug 2021 02:39:22 GMT
server: nginx
etag: "60b842b2-cde"
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location: https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
cache-control: max-age=0, no-cache, no-store
content-type: text/html
content-length: 154
expires: Mon, 23 Aug 2021 02:39:22 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 04E8
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=74598879622205479772130166275676649045&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Y1LFQEpE2pHvFMCCS.ABsOUGEpSte4q.kGE-~A

42 B
945 B

62ms
62ms

Image
image/gif

54.171.163.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Y1LFQEpE2pHvFMCCS.ABsOUGEpSte4q.kGE-~A

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.163.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v014-02cf0aa0d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: un7cmvuzSf4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 23 Aug 2021 02:39:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Y1LFQEpE2pHvFMCCS.ABsOUGEpSte4q.kGE-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

ibs:dpid=72352&dpuuid=15160152685677781666&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 04E8
Redirect Chain

https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=15160152685677781666&gdpr=0&gdpr_consent=

42 B
945 B

83ms
60ms

Image
image/gif

54.171.163.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=72352&dpuuid=15160152685677781666&gdpr=0&gdpr_consent=

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.163.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v014-0476e9a50.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: g1W08b9KRWA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=72352&dpuuid=15160152685677781666&gdpr=0&gdpr_consent=
date: Mon, 23 Aug 2021 02:39:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 04E8
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=74598879622205479772130166275676649045
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=74598879622205479772130166275676649045

0
338 B

172ms
56ms

Image
text/plain

34.250.89.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=74598879622205479772130166275676649045
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.89.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-89-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:23 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1629686363
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=74598879622205479772130166275676649045
date: Mon, 23 Aug 2021 02:39:22 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 04E8 0
411 B 473ms
95ms Image
text/html 2600:1f18:6593:f608:78e4:ddc4:e083:81a6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by: Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f608:78e4:ddc4:e083:81a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nd.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Aug 2021 02:39:23 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=953970877989909&ev=Microdata&dl=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&rl=&if=false&ts=1629686362988&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Financial%20Review%20-%20Student%20Subscriptions%22%2C%22meta%3Adescription%22%3A%22Subscribe%20to%20the%20Financial%20Review%20for%20unlimited%20digital%20access%20to%20Australia%27s%20leading%20business%20news%20and%20market%20insight.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629686361484.339883209&it=1629686361445&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 23 Aug 2021 02:39:22 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1655917147996122&ev=Microdata&dl=https%3A%2F%2Fsubscribe.afr.com%2Fstudent-offer%3Fpromote_channel%3DEM_EM_STU%26utm_source%3DEmail%26utm_medium%3DEmail%26utm_campaign%3DStudent&rl=&if=false&ts=1629686363080&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Financial%20Review%20-%20Student%20Subscriptions%22%2C%22meta%3Adescription%22%3A%22Subscribe%20to%20the%20Financial%20Review%20for%20unlimited%20digital%20access%20to%20Australia%27s%20leading%20business%20news%20and%20market%20insight.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629686361484.339883209&it=1629686361445&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: subscribe.afr.com
URL: https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 23 Aug 2021 02:39:23 GMT

GET
H2 200 au.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 1011 B
1015 B 109ms
30ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/au.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29b8b4876cbc2890451456d3a48952741282480812c92fe3c952668e8c20d1ae

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 10:02:39 GMT
content-encoding: gzip
age: 9563805
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 522
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "a04004ce88ea82fba1769411ecc087c3"
x-amz-version-id: wv9JgbiUU2sRuZznKpY.hNzW4Qne2bWY
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: SLPvJJcs5_1uVV8c64WiZNURSZw6YaCJtIGoI3d6Z-HNMlXWG021BA==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 be.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 233 B
673 B 109ms
31ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/be.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e6c72fc20041756446ed284e3ea5afe99719771a2d3288e21e747206097fd05

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 22:56:19 GMT
content-encoding: gzip
age: 3814985
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 181
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "1a26af21f1a469ea63e742905930ad10"
x-amz-version-id: 2z6MvJBi9fz2tP5cqSeFD4mORFw7Tifx
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: pa8UWa5dlNgDIfelI87GwByRW0O7xcibgVguseby4koaxC44xLWwIw==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 ca.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 497 B
833 B 105ms
31ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/ca.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54d184ebf615d2318df74e0a06a5d530543357333a54fa10e0fbec5008f34353

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 23:42:19 GMT
content-encoding: gzip
age: 2343425
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 341
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "a09993aaf30c29ee2c5630a30365590b"
x-amz-version-id: 1mGGW2IOunoFNFJ.JPCSzyp8i9_TvLNp
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: CGnCq9sTujk1NJNuSl8kczoV05zERyKDsOjO3sYUC3Ol5TpaZidwEQ==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 dk.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 252 B
685 B 105ms
31ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/dk.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 311f516c266561a87bde34523b090fdcd88841da7c489e9bad2a011e2b540ecc

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 22:56:19 GMT
content-encoding: gzip
age: 3814985
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 189
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "68bfa4fa5e29205f87594c2b5b7ed996"
x-amz-version-id: vkQOIzmnKuqnwWzbJYecCU9VECoM2Xk_
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: dmzarh87UVyGDrhDoUdHXZIUWJchUiAqUOn8WcXl6zPGpcqh4UJNUg==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 de.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 180 B
634 B 105ms
31ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/de.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4a6b520b4516b439e779494b3d836def3d5d82a6dd272e53edb47fa63fc208a

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 22:56:19 GMT
content-encoding: gzip
age: 3814985
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 139
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "51c7a4d473264342b5e9041c65fdbd27"
x-amz-version-id: X3cmwUoXga7dFakKRE5EfbdQn57pxeCf
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: 2t4wlE_57lP3WeuU6YRXdQGXIvrdaTxmyCFjnazTI-UJWQDY-ujP9w==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 es.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 3 KB
2 KB 105ms
32ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/es.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1d280b6510466499398f0a5b48a8f5bc01da95ea6c6cf8555576b2df3d1b207

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 23:55:37 GMT
content-encoding: gzip
age: 2342627
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 1450
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "f90b4390e7eb887d8ec1983571647da1"
x-amz-version-id: 5myROSDiE8xt6238jhZ3RNfiORYtAkCr
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: b2WywBsetKo8MZnTX2cmKA9HWXX0jU6kbjRW7BiatZxwGvyCbNjFjw==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 fr.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 313 B
694 B 30ms
28ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/fr.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a3eaa512927a1db3c2cbfcd760b8eead07cdfb22b34a6be2dae6825c2ad296d

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 22:56:19 GMT
content-encoding: gzip
age: 3814985
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 201
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "79596b31017de544d1ab50e1ca513c74"
x-amz-version-id: puMUTd1dd.lBti4VA_f3GdKwkU1Yjl3E
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: qHD_a-tN5W7vvkNZMvgmy9ZPNjaN_2qnEeoSs3o2Az7YmR0-3RVCvQ==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 in.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 881 B
830 B 39ms
38ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/in.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 116156976e21f0786c94a1ea8b3015ce693551b4e7907fd53b3d79dbbf9628f5

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 22:56:19 GMT
content-encoding: gzip
age: 3814985
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 337
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "56ab864c5b69064acbd1cd8d6ba76227"
x-amz-version-id: YX2oBo6OAutbBYMWHrZVWxpZmBq3.SaM
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: Cgj-zZpCG6V_tYK4KBoSZ3i7pUe2Wc08A2OglZoRAdopu1ehoK4uXQ==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 id.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 237 B
680 B 40ms
38ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/id.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9871d91b6b58310831a0d78b904e44eb92a64630ac219ac43165d0ca8f0dacd

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 18:32:57 GMT
content-encoding: gzip
age: 6422787
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5440
x-amz-meta-build-date: 2021-03-30T13:16:47.633Z
content-length: 187
last-modified: Tue, 30 Mar 2021 13:17:04 GMT
server: AmazonS3
etag: "a662ae227a588a352ebd108ac82e96e5"
x-amz-version-id: vETV8KHaMJgMivmgxUARXy6nEpNEz2y2
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: cRsN5-AFmoN5ETVf4XEo7AHoUwWM8y4AYAavurvk5MCKQ4Q0ZpRB9A==
x-amz-meta-build-rev: f05eb28a

GET
H2 200 ie.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 241 B
674 B 34ms
33ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/ie.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c448f36c5f2ad4a77a153c4b6334d1b5c40bf7534b98f0141f3bbc4289d06fe

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 13:42:57 GMT
content-encoding: gzip
age: 12574587
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 180
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "d0513d7d95a153c2e7c57f6c916b9bb4"
x-amz-version-id: VyreKORDu0DWB6QMhjOiDrUpaC2jidX8
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: N0h9NzWg74PSNFMzC7IpQXkHUG5YO01RZA6psa0N5rA9s2m0by0yIQ==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 it.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 313 B
694 B 34ms
33ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/it.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 088efda2cc6c430f1906528cd11cfff8cbdf063cea196de822c489ecc4b0ae08

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 01:53:15 GMT
content-encoding: gzip
age: 3890769
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 200
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "56f26adea4c4330fecbb9856afa4340b"
x-amz-version-id: GyLTIkW6zCWyIjC2pvLVTKHMiukfJ7fO
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: 3Ro9Z0NvtAqauc-Z8RH12T0Nm7haFUKQjizfH0Ozo2Emtb0GATntmw==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 my.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 1 KB
899 B 35ms
34ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/my.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 702a90d033e47592ff63482842a2b9a3c8021e8ecc459451e368f602759ce7a3

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 00:45:29 GMT
content-encoding: gzip
age: 6141235
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 404
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "317bda34b063d88346a2574973b798a9"
x-amz-version-id: ZNgG_edEuP_AxMCrIEN1I3sOYTS_9XkV
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: CAOBkaoboPT4QZBvNKZhbXdOfIZW0QR8k2o3zSayMqXzQdfk51IAZg==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 nl.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 249 B
673 B 35ms
34ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/nl.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3daaba1fec3c7c505b4f5b675e7e48166be7b2d63d5401fd1300bd2ab8c6a020

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 00:09:56 GMT
content-encoding: gzip
age: 3378568
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 179
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "17474a4352303a9a8884aa2cc5b58d8a"
x-amz-version-id: YAWP1gCGbRxk9ZOwYSTl__uMXbYVmMOq
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: dWvnyJhF7gKInZNzEQaCEpyMnvR7-UxeT1Wip_wahCbur3oEKJ6ZgA==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 nz.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 1 KB
1 KB 36ms
35ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/nz.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a5db96a8dda4192925cb93200bd619dd2376a9810b1b4658a4763466fc192f3

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 21:40:12 GMT
content-encoding: gzip
age: 6497952
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 670
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "c24b9e8df90c10989b1e31c6edf85d6b"
x-amz-version-id: mG4Q9igbWo8fXw_H2PZQkZdWruQ6mXcd
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: zsPrNuZhqbz8U5js_rFpIBvvv8mwNLBBVzaT5XrsjF8EhokOXFb_Hg==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 no.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 311 B
720 B 36ms
35ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/no.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c3af2327836a3c4e1770708d8624c7f852337a413c11ead68bc9e697594f454

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 11:03:00 GMT
content-encoding: gzip
age: 3857784
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 227
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "8edec85079fe20ff4f104006dff5756a"
x-amz-version-id: D98Ys_r4kSE47qIRIMck6bcAC9fbEEyX
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: dDoxnYCevoWib2yISpUFbX1C7aYKWiIP2W12PzPWXpbl-dWmPQWmAA==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 at.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 274 B
692 B 37ms
35ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/at.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d887f7f4db7f2d0c1f1144437f81895ee21c31b1ff80536f0dd73bca196626b8

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 22:56:19 GMT
content-encoding: gzip
age: 3814985
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 197
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "b64b154220b9fd2fb3eedfc8388a9bcd"
x-amz-version-id: lWXYF_pvm5dd5UFxnRcwIjTL86ApyQb1
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: UXcByYqlpXYVvBpVjSAI3ZUuH2lytJNnmY6RRKCzQYGfL_c5yeBRow==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 ch.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 278 B
705 B 37ms
36ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/ch.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9fb9b96f74fbbf511105c3d458db83377134c81d73bc5be6b164c22c57aee51

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:01:02 GMT
content-encoding: gzip
age: 2342302
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 214
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "3748900e843c0b2bf61c7799eeb65d13"
x-amz-version-id: 0fIthwHeAStJ4mtF.QKqMxTLO52_.Pdi
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: ESxO3tKpM_tJXjx01uuSnCutvU72clb2ffjPpPemQob9XFHNr6hA1w==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 sg.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 657 B
824 B 37ms
36ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/sg.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bfef000f661f2d74514b4bc16343cd9472d67728c063723d715b9a2052ee22b

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 07:11:49 GMT
content-encoding: gzip
age: 3871655
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 331
last-modified: Mon, 22 Mar 2021 10:57:43 GMT
server: AmazonS3
etag: "f86f8a0821135093847d00961f809fbd"
x-amz-version-id: SYB1iFiCxz.0p1c1LqoMHVYS6X1FfVne
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: LnuumkxljCxFxnYjEFuozX21aMEt5rNcgMoBQqHN2hrp8JYj2ewcRg==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 fi.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 197 B
641 B 38ms
37ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/fi.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f84979cd2620b04fc21fbb01567a5288d5b0dbf29ef9cb4f01f8b4f8b312016

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 01:37:10 GMT
content-encoding: gzip
age: 3891734
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 147
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "68046ef9c54f394b8736f5f30afab51b"
x-amz-version-id: rjkd42EeuKN.yi9NQzHMF8ULZ9o1vzHP
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: l1ncz9pCk8Hzq8rgEIVbHZB4cFCGTaaRi4ANUuyIzcMMJzzEJop1fQ==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 se.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 549 B
809 B 38ms
37ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/se.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fa610a406a8c6ec4f5181c976dc73335bb8265627a49b4ce9a755ff4e76c9a5

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 00:09:56 GMT
content-encoding: gzip
age: 3378568
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 315
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "a49e24fd6deda6f7ddb0ad94e6ec6096"
x-amz-version-id: VGuDUJr4PwODO7K1ZB9IDtsTXJ4R1xiP
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: mFHno1w-2qSYogH569LEdthPDQtvxzF08aY2GU18B-IfQ2nxdzQYOg==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 gb.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 531 B
845 B 39ms
38ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/gb.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b08a5694c54434d8d8c8ad808dcb991ff0e2583d29cfaecedfd668b06dd70e9d

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 23:55:37 GMT
content-encoding: gzip
age: 2342627
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 352
last-modified: Mon, 22 Mar 2021 10:57:42 GMT
server: AmazonS3
etag: "d64d110b629b36d35f35b37b87b7e661"
x-amz-version-id: dKdQK1vR5v6R6K7.a_WcZuzq0sR7hZEf
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: 45l1L0UJ1fwyGcr7XvbVqyIsSimnr8a38h-WzlT-TF5uPVQHGwd1Uw==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 us.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 3 KB
1004 B 40ms
39ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/us.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae47b7a2b0685219de8d4b0a320fc4c96ec86ebbdbfb9cdf33f82c565e3ccc64

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 01:53:15 GMT
content-encoding: gzip
age: 3890769
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5414
x-amz-meta-build-date: 2021-03-22T10:57:27.289Z
content-length: 511
last-modified: Mon, 22 Mar 2021 10:57:43 GMT
server: AmazonS3
etag: "b1022a17ca3ed03c85ae13bb0192862c"
x-amz-version-id: 31Na8RgkiJyQ9xSB6re3_BPxSLnR8wgD
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: 94D94kNynYctgS8FIF6EIb3Xd4XuHoBLErtHHnpBupr56iW7oR5vhw==
x-amz-meta-build-rev: bd14bf77

GET
H2 200 vn.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 488 B
828 B 40ms
39ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/vn.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 822f635d5af4075e9700c5acb7d650ac6410db904ffd63625586e944b7a8613d

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 22:56:19 GMT
content-encoding: gzip
age: 3814985
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5440
x-amz-meta-build-date: 2021-03-30T13:16:47.633Z
content-length: 335
last-modified: Tue, 30 Mar 2021 13:17:04 GMT
server: AmazonS3
etag: "cdbcb63a036ecafaaba7a25b0cb50800"
x-amz-version-id: L5vOqc2xF6zLBWYGbCM2970lERGCx_g2
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: nz81dG7xxzK-rWm65pSxzws5CFqVslbem6an_ZT_i5fOwnUhF4mSuA==
x-amz-meta-build-rev: f05eb28a

GET
H2 200 th.svg
assets1.unidays.world/v5/main/assets/images/flags/ Frame 295C 287 B
692 B 40ms
39ms Image
image/svg+xml 13.224.102.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets1.unidays.world/v5/main/assets/images/flags/th.svg
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-33.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e206b563d27b5a7a3f7cabf944d6d278e6e8640018a72ce7b7ff989f1396df9

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 00:12:14 GMT
content-encoding: gzip
age: 2514430
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5440
x-amz-meta-build-date: 2021-03-30T13:16:47.633Z
content-length: 200
last-modified: Tue, 30 Mar 2021 13:17:04 GMT
server: AmazonS3
etag: "e765e05ae7693ce3db99e82f4f0285a3"
x-amz-version-id: Xj6zcEZp8boElgwVq3zZIFVPmRn6gvAf
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: inP3-gWM0yD84QMwn13fHMCbsN1G8Qhqoiv40RuPeQzSlElxyMrshQ==
x-amz-meta-build-rev: f05eb28a

GET
H2 200 ud-icons-v26.woff
www.myunidays.com/icons/ Frame 295C 10 KB
11 KB 34ms
33ms Font
font/woff 13.225.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myunidays.com/icons/ud-icons-v26.woff
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-53.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93840cff133ea240ca822a6cd73422efab46c8052b330b025f788e4328385e4c

Request headers

Origin: https://www.myunidays.com
Referer: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
etag: "2142bfae9e8b0b37521107002fb8adc4"
age: 41309
x-cache: Hit from cloudfront
content-length: 10316
last-modified: Fri, 07 Sep 2018 09:46:44 GMT
server: AmazonS3
date: Sun, 22 Aug 2021 15:10:54 GMT
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.myunidays.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Oq02PH9egx5GKfkjmVvaV4q4ntbxxOCdHKKSJWtbwoDtZyKlKt7SYg==

GET
H2 200 all-book.woff2
www.myunidays.com/unidays/v1/ Frame 295C 11 KB
12 KB 55ms
54ms Font
font/woff2 13.225.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myunidays.com/unidays/v1/all-book.woff2
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-53.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd4e4e36fbe6360f7c6096eee230cbae4bde40f58dc20c394836e745495c77aa

Request headers

Origin: https://www.myunidays.com
Referer: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 01:58:00 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
age: 2594484
x-cache: Hit from cloudfront
content-length: 11600
last-modified: Fri, 07 Sep 2018 09:41:08 GMT
server: AmazonS3
etag: "e063a740dd79f17c88be5956217e3dc5"
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: https://www.myunidays.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: ZiUca1YfLYmfwDjBPMLVomgQY4-tPwQs6X7MqRot5YkfENdqwxyxXw==
expires: Fri, 01 Jan 2038 00:00:00 GMT

GET
H2 200 all-demi.woff2
www.myunidays.com/unidays/v1/ Frame 295C 11 KB
12 KB 41ms
41ms Font
font/woff2 13.225.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myunidays.com/unidays/v1/all-demi.woff2
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-53.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efd0fb25bc198ca9e11c03cf9d9d1b1da75a705453edf3bbed3c8d3e8fa7e28d

Request headers

Origin: https://www.myunidays.com
Referer: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 01:19:04 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
age: 17284819
x-cache: Hit from cloudfront
content-length: 11568
last-modified: Fri, 07 Sep 2018 09:41:09 GMT
server: AmazonS3
etag: "5fa59dcab243397b28845ab6a6785c10"
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: https://www.myunidays.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: hFhEDIl_bbLoTcXfn7mLYeGdgkqFfjU-VtxSfybbQg8pzvDfORDYQA==
expires: Fri, 01 Jan 2038 00:00:00 GMT

GET
H2 200 all-heavy.woff2
www.myunidays.com/unidays/v1/ Frame 295C 11 KB
11 KB 49ms
49ms Font
font/woff2 13.225.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myunidays.com/unidays/v1/all-heavy.woff2
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-53.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 258026d0395e9f294a8d391c8124653bbb4d19fcf11bcf8a76646d9b1c97c043

Request headers

Origin: https://www.myunidays.com
Referer: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 08:38:13 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
age: 16826471
x-cache: Hit from cloudfront
content-length: 10892
last-modified: Fri, 07 Sep 2018 09:41:07 GMT
server: AmazonS3
etag: "e38c0a074d82619c85410e1907c10a14"
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: https://www.myunidays.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: qYru223qh5HFd-kWCeZh0u66Gu96y200rJYK3tJX_nnX2sinpEkJSA==
expires: Fri, 01 Jan 2038 00:00:00 GMT

GET
H2 200 sha256-gzR7idvZjYd%2bKEG%2b18LdyxaFA0%2bozFFfSpNHAEv22bg..js Show response
www.myunidays.com/ Frame 295C 346 KB
109 KB 63ms
63ms Script
application/javascript 13.225.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myunidays.com/sha256-gzR7idvZjYd%2bKEG%2b18LdyxaFA0%2bozFFfSpNHAEv22bg..js
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-53.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83347b89dbd98d877e2841bed7c2ddcb1685034fa8cc515f4a9347004bf6d9b8

Request headers

Origin: https://www.myunidays.com
Referer: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:13:46 GMT
content-encoding: gzip
age: 390338
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5727
x-amz-meta-build-date: 2021-08-18T13:53:58.470Z
content-length: 110748
last-modified: Wed, 18 Aug 2021 13:54:16 GMT
server: AmazonS3
etag: "3b1e2cdee112682e9f2c9c44da0cc6d8"
x-amz-version-id: 0r4OFiUpUIWdEUWTtroz6PPryTx980Gn
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: qZaBcDJfOhrBNJDzP6SbeRKbPrBE-QHNubIvQuzs-oAWGlrKJ1gfcQ==
x-amz-meta-build-rev: e3027502

GET
H2 200 sha256-0b%2b2mukiQrfatxW8ZS2Awo_%2bVfBI_nEXOr5Qnyc4Rv0..css
www.myunidays.com/ Frame 295C 294 KB
43 KB 60ms
59ms Stylesheet
text/css 13.225.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myunidays.com/sha256-0b%2b2mukiQrfatxW8ZS2Awo_%2bVfBI_nEXOr5Qnyc4Rv0..css
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-53.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1bfb69ae92242b7dab715bc652d80c28ffe55f048fe71173abe509f273846fd

Request headers

Origin: https://www.myunidays.com
Referer: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 13:16:16 GMT
content-encoding: gzip
age: 1603388
x-cache: Hit from cloudfront
x-amz-meta-build-number: 5674
x-amz-meta-build-date: 2021-07-28T09:32:22.330Z
content-length: 43201
last-modified: Wed, 28 Jul 2021 09:32:38 GMT
server: AmazonS3
etag: "b15588a9f808fef1a0432bb60688a762"
x-amz-version-id: rvzPmsFobZz30uRFzDWOJwhtPuMWHUKf
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: text/css; charset=UTF-8
x-amz-cf-id: 5bGaOLbtCwBXOHoLF7tJmWrlVwPT1ydYjUNlb5J3CZ52sdgT1aE1LQ==
x-amz-meta-build-rev: 3aac2cb6

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflhiN9BI/ Frame 295C 23 KB
9 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflhiN9BI/www-widgetapi.js

Requested by

Host: www.myunidays.com
URL: https://www.myunidays.com/sha256-gzR7idvZjYd%2bKEG%2b18LdyxaFA0%2bozFFfSpNHAEv22bg..js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8680
x-xss-protection: 0
last-modified: Wed, 06 Nov 2019 17:46:15 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 24 Aug 2021 21:02:22 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/sB7kiah6PZGTxOAodoL1dJIMC7Cfk8cw/ Frame 295C 85 KB
23 KB 750ms
658ms Script
text/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/sB7kiah6PZGTxOAodoL1dJIMC7Cfk8cw/analytics.min.js
Requested by: Host: www.myunidays.com
URL: https://www.myunidays.com/sha256-gzR7idvZjYd%2bKEG%2b18LdyxaFA0%2bozFFfSpNHAEv22bg..js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 048fdc85e41e33b200f5befec1157de6ec31daf9e13014ce024ac2f0cb01b4d6

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HreKX_bu9.5C_EZz_gf8110HRW7tGErz
content-encoding: br
etag: W/"d91ad78b752143d035bdb267af15a7eb"
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 29 Jul 2021 02:01:31 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 02:39:24 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: jE8K8PKFpA3UyQDyNINziI33MJDtdnFL1nDtwXQ4GKoQgxB8w6QZDw==

GET
H2 200 data Show response
www.myunidays.com/CZ/cs-CZ/search/ Frame 295C 376 B
671 B 80ms
80ms Fetch
application/json 13.225.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myunidays.com/CZ/cs-CZ/search/data

Requested by

Host: www.myunidays.com
URL: https://www.myunidays.com/sha256-gzR7idvZjYd%2bKEG%2b18LdyxaFA0%2bozFFfSpNHAEv22bg..js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-53.fra2.r.cloudfront.net

Software

Resource Hash

4cbc75df0e6f938b7d8784a3a5cd889c1fa6818dad0f7f114f75185944959ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with: fetch

Response headers

date: Mon, 23 Aug 2021 02:39:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 02:39:23 GMT
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
link
content-length: 251
x-amz-cf-id: 5758Puu90QVCnU4BSzf5hP_UQfaDfLXgFptAqnfh4eMtYZOe6i5IGQ==

GET
H2 200 state-data Show response
www.myunidays.com/CZ/cs-CZ/account/ Frame 295C 773 B
875 B 118ms
118ms XHR
application/json 13.225.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myunidays.com/CZ/cs-CZ/account/state-data

Requested by

Host: www.myunidays.com
URL: https://www.myunidays.com/sha256-gzR7idvZjYd%2bKEG%2b18LdyxaFA0%2bozFFfSpNHAEv22bg..js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-53.fra2.r.cloudfront.net

Software

Resource Hash

93a10652683673203b04f5e7a6e011381c667e6d1dfacfb7ef548529b36aefe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept: */*
ud-viewport: 0
Referer: https://www.myunidays.com/CZ/cs-CZ/partners/afr/embedded
X-Requested-With: XMLHttpRequest
ud-source: www
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:23 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
strict-transport-security: max-age=86400; includeSubDomains
content-length: 428
last-modified: Mon, 23 Aug 2021 02:39:23 GMT
x-frame-options: DENY
access-control-max-age: 3600
content-type: application/json; charset=utf-8
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: private, no-store
access-control-allow-credentials: true
link
x-amz-cf-id: Vax3fAU-vtjvlYd1GPY7P5dFB5In6whzDoSegpdGTCW3kO4kRHQKFA==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/sB7kiah6PZGTxOAodoL1dJIMC7Cfk8cw/ Frame 295C 22 KB
5 KB 99ms
32ms XHR
application/json 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/sB7kiah6PZGTxOAodoL1dJIMC7Cfk8cw/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sB7kiah6PZGTxOAodoL1dJIMC7Cfk8cw/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15f1f54ccfcd041d4139a482acfa3e7776ef8f69ef8a2362fc2a2d128531bf96

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bpvv_NNF6TaAs5cVqQwe8VOTNMopEjeJ
content-encoding: gzip
etag: W/"0fb2787d9ead86cad38fd6856e77e88f"
age: 6127
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 12 Aug 2021 15:24:25 GMT
server: AmazonS3
date: Mon, 23 Aug 2021 00:59:27 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ygib0zfKLOZ59-8DFFNffuu9Tk2MaBL5-puyC3e7rlqw7oZHFX67EA==

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 588ms
122ms Preflight
text/plain 52.72.27.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 52.72.27.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-27-138.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://subscribe.afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://subscribe.afr.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Mon, 23 Aug 2021 02:39:24 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
243 B 124ms
123ms XHR
text/plain 52.72.27.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/13780390039.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.27.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-27-138.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscribe.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://subscribe.afr.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Mon, 23 Aug 2021 02:39:24 GMT
Content-Type: text/plain

POST
H2 200 m Show response
api.segment.io/v1/ Frame 295C 21 B
144 B 597ms
199ms XHR
application/json 52.39.24.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/m
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sB7kiah6PZGTxOAodoL1dJIMC7Cfk8cw/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.24.11 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-24-11.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.myunidays.com
date: Mon, 23 Aug 2021 02:39:24 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 295C 36 KB
14 KB 136ms
66ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.myunidays.com
URL: https://www.myunidays.com/sha256-gzR7idvZjYd%2bKEG%2b18LdyxaFA0%2bozFFfSpNHAEv22bg..js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.myunidays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 02:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 02:39:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 01:00:38	Name: dextp Value: 358-1-1629686361900\|771-1-1629686362001\|6835-1-1629686362102\|19566-1-1629686362203\|30646-1-1629686362304\|72352-1-1629686362405\|66757-1-1629686362505\|796-1-1629686362606
.subscribe.afr.com/	1970-01-19 21:24:38	Name: aam_uuid Value: 74598879622205479772130166275676649045
subscribe.afr.com/	1970-01-20 14:12:38	Name: AMCV_50AB0C3A53DB1B290A490D4D%40AdobeOrg Value: -1303530583%7CMCIDTS%7C18863%7CMCMID%7C74615775681041027942127351731841483350%7CMCAAMLH-1630291161%7C6%7CMCAAMB-1630291161%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1629693561s%7CNONE%7CMCSYNCSOP%7C411-18870%7CvVersion%7C3.3.0
.afr.com/	1970-01-19 20:41:28	Name: _hjFirstSeen Value: 1
.myunidays.com/	1969-12-31 23:59:59	Name: temp Value: {"clear-account-cache":"true"}
.myunidays.com/	1970-01-20 06:11:40	Name: UD.TID Value: 325dcc57-d39a-41c8-bc31-74cecd33fec5
.afr.com/	1970-01-20 05:27:02	Name: _hjid Value: 07c3a763-3921-421e-ad0e-6f011047adb8
.afr.com/	1970-01-20 14:12:38	Name: _sp_id.0af9 Value: 5cec39c5-42d5-46a0-8024-f7b8345e92e8.1629686362.1.1629686362.1629686362.ce3c71ac-4fc6-45e6-8637-e0a783a57340
.afr.com/	1970-01-19 22:51:02	Name: _fbp Value: fb.1.1629686361484.339883209
.afr.com/	1970-01-20 06:10:50	Name: _parsely_visitor Value: {%22id%22:%22pid=844cd88af41662c6248f043026f55a90%22%2C%22session_count%22:1%2C%22last_session_ts%22:1629686361548}
.afr.com/	1970-01-19 20:42:52	Name: _gid Value: GA1.2.1975285915.1629686361
.afr.com/	1970-01-19 20:41:28	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://subscribe.afr.com/student-offer?promote_channel=EM_EM_STU&utm_source=Email&utm_medium=Email&utm_campaign=Student%22%2C%22sref%22:%22%22%2C%22sts%22:1629686361548%2C%22slts%22:0}
.demdex.net/	1970-01-20 01:00:38	Name: demdex Value: 74598879622205479772130166275676649045
.afr.com/	1970-01-20 14:12:38	Name: _ga Value: GA1.2.878178528.1629686361
subscribe.afr.com/	1969-12-31 23:59:59	Name: AMCVS_50AB0C3A53DB1B290A490D4D%40AdobeOrg Value: 1
.afr.com/	1970-01-19 20:41:26	Name: _gat_ffxTracker Value: 1
subscribe.afr.com/	1970-01-19 20:42:52	Name: s_u_chnl Value: none
.afr.com/	1970-01-19 20:41:28	Name: _sp_ses.0af9 Value: *
.afr.com/	1970-01-19 22:51:02	Name: _gcl_au Value: 1.1.357913054.1629686361

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://cdn.segment.com/analytics.js/v1/sB7kiah6PZGTxOAodoL1dJIMC7Cfk8cw/analytics.min.js(Line 1) Message: [analytics.js] Failed to load Analytics.js TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.segment.io
assets1.unidays.world
beacon.krxd.net
cdn.optimizely.com
cdn.parsely.com
cdn.segment.com
cdnjs.cloudflare.com
click.email.fairfaxmedia.com.au
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d2uhnetoehh304.cloudfront.net
dmp.v.fwmrm.net
dmpsync.3lift.com
dpm.demdex.net
errors.client.optimizely.com
i.ffx.io
ib.adnxs.com
image5.pubmatic.com
maxcdn.bootstrapcdn.com
nd.demdex.net
p.typekit.net
p1.parsely.com
pixel.advertising.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.ytimg.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
subscribe.afr.com
use.typekit.net
usermatch.krxd.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.myunidays.com
ajax.googleapis.com
108.174.10.14
13.224.102.33
13.224.102.53
13.224.102.55
13.224.102.94
13.224.197.80
13.224.95.38
13.225.87.53
13.55.151.243
142.250.181.226
142.250.185.230
142.250.186.130
18.156.147.57
2.18.233.180
212.82.100.182
216.58.212.130
2600:1f18:6593:f608:78e4:ddc4:e083:81a6
2600:9000:21f3:8a00:10:2964:9d00:21
2606:4700::6810:135e
2606:4700::6812:acf
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2008
2a00:1450:400c:c08::9b
2a02:26f0:6c00:2a8::13b8
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00:2b0::25ea
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::645
34.248.191.66
34.250.89.160
37.252.172.249
52.205.167.202
52.206.55.189
52.214.44.171
52.39.24.11
52.72.27.138
54.171.163.246
66.231.91.47
76.223.111.18
048fdc85e41e33b200f5befec1157de6ec31daf9e13014ce024ac2f0cb01b4d6
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
071b65a50ec1f739b4e0fc463ad77355d7fb00963e4cf2ec188741ab06f4e28c
088efda2cc6c430f1906528cd11cfff8cbdf063cea196de822c489ecc4b0ae08
0c3af2327836a3c4e1770708d8624c7f852337a413c11ead68bc9e697594f454
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116156976e21f0786c94a1ea8b3015ce693551b4e7907fd53b3d79dbbf9628f5
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15f1f54ccfcd041d4139a482acfa3e7776ef8f69ef8a2362fc2a2d128531bf96
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e
1fa610a406a8c6ec4f5181c976dc73335bb8265627a49b4ce9a755ff4e76c9a5
20e08f02a0165efa2536cc70de0162691357f3ab5b4ea262d91c98cd47c0b78e
2261e76a961e2a746faef45da07399665bd66da4d05fb7637d12d75960346e53
258026d0395e9f294a8d391c8124653bbb4d19fcf11bcf8a76646d9b1c97c043
259db7fdbc5eb51676d9db90d2f74925e2734325387e25c51fdf7aa991510257
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29b8b4876cbc2890451456d3a48952741282480812c92fe3c952668e8c20d1ae
2f1b3c20947609880fa669248919d46ad2b26b995cd8f7e2f3d764dff3e47bdb
311f516c266561a87bde34523b090fdcd88841da7c489e9bad2a011e2b540ecc
338140f080782dd9fc999b9c240cde15f599e7ffd10b3fd3d9085717d38ad8d3
3b27e284f97b57cae4ae695e19a39059281efd60e7baccda6763bbf842b6957d
3daaba1fec3c7c505b4f5b675e7e48166be7b2d63d5401fd1300bd2ab8c6a020
3e6c72fc20041756446ed284e3ea5afe99719771a2d3288e21e747206097fd05
416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641
4cbc75df0e6f938b7d8784a3a5cd889c1fa6818dad0f7f114f75185944959ae9
4e206b563d27b5a7a3f7cabf944d6d278e6e8640018a72ce7b7ff989f1396df9
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54d184ebf615d2318df74e0a06a5d530543357333a54fa10e0fbec5008f34353
5f84979cd2620b04fc21fbb01567a5288d5b0dbf29ef9cb4f01f8b4f8b312016
65048f3a5caf412e3f86a0a830266c0ecc0e604aeadee4399dd7457374152153
702a90d033e47592ff63482842a2b9a3c8021e8ecc459451e368f602759ce7a3
791e4f941145a2c7471642a6a00ff0a3e7a6ed7657cc7198d09149fbfe61128e
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7a5db96a8dda4192925cb93200bd619dd2376a9810b1b4658a4763466fc192f3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7bfef000f661f2d74514b4bc16343cd9472d67728c063723d715b9a2052ee22b
822f635d5af4075e9700c5acb7d650ac6410db904ffd63625586e944b7a8613d
83347b89dbd98d877e2841bed7c2ddcb1685034fa8cc515f4a9347004bf6d9b8
840e190f769073fc9afa86b2bf84c4a6e7a0ffa73efe1f8443c4b7af311d0b74
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b23ef2b5d148948a0e393c8af051177f818b7fb18cda003998916666caabee
8a35f62823163162659645803ea69c2a846ac3bbdc906cbbdb8e66851490416f
8c200053c7c4e75f4108422bd7dff90393aa461bf38cf606252a73f42ec1e3c9
8c59dc3d16a8d10f28848406e948ba04ee674fd143e6dcda09449bf17e0d41e2
8d308a45c672c17e1de57520b35c0b41e415b52145ac86528ce0c90651082c34
8eb370958ebfda49da350a47b04991745dcfdcebca2208353ad413f6c8a65ef4
8fffdb94ce839d933a9662f9cf65542901cd0ce438fa4b6c292b1a15ada21495
91128655e9af98045035d85d46df0be8e62259deac66848a63e10480b0e7418f
93840cff133ea240ca822a6cd73422efab46c8052b330b025f788e4328385e4c
93a10652683673203b04f5e7a6e011381c667e6d1dfacfb7ef548529b36aefe2
9a3eaa512927a1db3c2cbfcd760b8eead07cdfb22b34a6be2dae6825c2ad296d
9c448f36c5f2ad4a77a153c4b6334d1b5c40bf7534b98f0141f3bbc4289d06fe
9facd244c85f5b24aa12ada5789efd202c3c467e28768c9a19ea07a22c6ecd89
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a3c78596628f7e53c40bbfd0e9eed225181c4c2933a6e051e8fa46c30b221d1f
a44fb6a26732b7892f2802aee69fb0413ecd26b508b5c79720a48c485f4889ee
add2498fa07e98579a6f4e00bc335fc7310cd0be026e14a9f51d2a82a7d099f2
ae47b7a2b0685219de8d4b0a320fc4c96ec86ebbdbfb9cdf33f82c565e3ccc64
b08a5694c54434d8d8c8ad808dcb991ff0e2583d29cfaecedfd668b06dd70e9d
b4a6b520b4516b439e779494b3d836def3d5d82a6dd272e53edb47fa63fc208a
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440
b95b00c192fc8bea51016abc2163ed43bbd79098b5509d19a552089b4b204eba
c18ccb2ad7ce85961fe227743a7d56bbd0509f0ac9907c83c6ff69a395d485ce
c32c5d6d22c9d33c9e999a11ba72102f18ee813f019d742de86778bda72a0b02
c7df7e875d8af8045e6a13f95023445c64892602f89f7e20a9b1fbdd6135f888
c9871d91b6b58310831a0d78b904e44eb92a64630ac219ac43165d0ca8f0dacd
cd4e4e36fbe6360f7c6096eee230cbae4bde40f58dc20c394836e745495c77aa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1bfb69ae92242b7dab715bc652d80c28ffe55f048fe71173abe509f273846fd
d887f7f4db7f2d0c1f1144437f81895ee21c31b1ff80536f0dd73bca196626b8
dd67b2a939bdcf5838f599dc1aaadd26dd5545c76945170ed5d6dab0af721965
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1d280b6510466499398f0a5b48a8f5bc01da95ea6c6cf8555576b2df3d1b207
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a14e62effaf30747f000221f50904e4b80e49b65453ac931faad7089f0b530
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ea024e905868f958ff71db70ee04a973574e1be2bddb906e375616c99c68a050
ea532f797f9721e03a2638c72fb78f66e6760139b9c4b45c331527cf3de05a9d
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0fb25bc198ca9e11c03cf9d9d1b1da75a705453edf3bbed3c8d3e8fa7e28d
f83dfd746841a39fcc04f53235b1fda29cea8abedd637e006dc61c5842369777
f9fb9b96f74fbbf511105c3d458db83377134c81d73bc5be6b164c22c57aee51
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

subscribe.afr.com Open in urlscan Pro 2a04:4e42:600::645 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

99 %HTTPS

45 %IPv6

36 Domains

50 Subdomains

38 IPs

5 Countries

1356 kBTransfer

3887 kBSize

19 Cookies

7 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

subscribe.afr.com Open in urlscan Pro
2a04:4e42:600::645 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

99 %
HTTPS

45 %
IPv6

36
Domains

50
Subdomains

38
IPs

5
Countries

1356 kB
Transfer

3887 kB
Size

19
Cookies

105 HTTP transactions
0 data transactions