www.afr.com Open in urlscan Pro
2a04:4e42:600::645 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://frg.myaccount.afr.com/
Effective URL:
https://www.afr.com/
Submission: On June 30 via automatic, source certstream-suspicious (June 30th 2022, 3:02:11 am UTC) — Scanned from DE

Summary HTTP 150 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 33 domains to perform 150 HTTP transactions. The main IP is 2a04:4e42:600::645, located in United States and belongs to FASTLY, US. The main domain is www.afr.com. The Cisco Umbrella rank of the primary domain is 66039.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on September 6th 2021. Valid for: a year.

This is the only time www.afr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	99.83.186.106 99.83.186.106	16509 (AMAZON-02) (AMAZON-02)
1 35	2a04:4e42:600... 2a04:4e42:600::645	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:88e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:a00:10:2964:9d00:21	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	23.206.209.10 23.206.209.10	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:207... 2600:9000:2070:7000:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c24a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	3.104.230.68 3.104.230.68	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 3	52.214.221.189 52.214.221.189	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:224... 2600:9000:2240:6c00:2:42d9:3100:93a1	() ()
1	2600:9000:238... 2600:9000:238d:ec00:7:3896:c640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
3	13.32.121.112 13.32.121.112	() ()
2	104.90.105.234 104.90.105.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	108.157.4.7 108.157.4.7	16509 (AMAZON-02) (AMAZON-02)
1	52.16.76.85 52.16.76.85	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	52.63.117.185 52.63.117.185	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:224... 2600:9000:224a:1400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:f400:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	34.202.168.134 34.202.168.134	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	54.171.229.53 54.171.229.53	16509 (AMAZON-02) (AMAZON-02)
2	54.175.67.42 54.175.67.42	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	13.236.75.31 13.236.75.31	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	34.250.172.3 34.250.172.3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
150	54

1 99.83.186.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6033b2998aeb1ff7.awsglobalaccelerator.com

frg.myaccount.afr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a04:4e42:600::645 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.afr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ffx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.afr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:88e::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:a00:10:2964:9d00:21 (United States)

ASN16509 (AMAZON-02, US)

d2uhnetoehh304.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.209.10 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-209-10.deploy.static.akamaitechnologies.com

a304207300.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:7000:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ef::5c7b:c24a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.104.230.68 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-230-68.ap-southeast-2.compute.amazonaws.com

i.ffx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.214.221.189 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-221-189.eu-west-1.compute.amazonaws.com

secure-au.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2240:6c00:2:42d9:3100:93a1 (United States)

ASN- ()

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:238d:ec00:7:3896:c640:93a1 (United States)

ASN16509 (AMAZON-02, US)

adc-js.nine.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.112 (United States)

ASN- ()
PTR: server-13-32-121-112.fra60.r.cloudfront.net

au-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.105.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-105-234.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-7.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.76.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-76-85.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.63.117.185 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-117-185.ap-southeast-2.compute.amazonaws.com

l.ffx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:1400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

46ff92099532df74a0ec3f50bcb1ad9c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:f400:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

js3stgkut98jtqv6pn0id3qj3dygc1656558124.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.168.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-168-134.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.229.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-229-53.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.67.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-67-42.compute-1.amazonaws.com

10510523.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.236.75.31 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-236-75-31.ap-southeast-2.compute.amazonaws.com

adc.nine.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

fairfaxau.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.172.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-172-3.eu-west-1.compute.amazonaws.com

nd.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 162 news.google.com — Cisco Umbrella Rank: 4503 adservice.google.com — Cisco Umbrella Rank: 92 play.google.com — Cisco Umbrella Rank: 46 www.google.com — Cisco Umbrella Rank: 8	121 KB
24	afr.com 2 redirects frg.myaccount.afr.com www.afr.com — Cisco Umbrella Rank: 66039 api.afr.com — Cisco Umbrella Rank: 297967	809 KB
16	ffx.io static.ffx.io — Cisco Umbrella Rank: 131525 i.ffx.io — Cisco Umbrella Rank: 129324 l.ffx.io — Cisco Umbrella Rank: 546641	290 KB
12	imrworldwide.com 1 redirects secure-au.imrworldwide.com — Cisco Umbrella Rank: 31746 cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2752 secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1303 secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2550 js3stgkut98jtqv6pn0id3qj3dygc1656558124.nuid.imrworldwide.com	85 KB
9	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 ad.doubleclick.net — Cisco Umbrella Rank: 189 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	170 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	155 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	635 B
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	109 KB
5	googlesyndication.com 46ff92099532df74a0ec3f50bcb1ad9c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	36 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	277 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7751 www.google.de — Cisco Umbrella Rank: 5448	1 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 406 mb.moatads.com — Cisco Umbrella Rank: 640	86 KB
3	dotmetrics.net au-script.dotmetrics.net — Cisco Umbrella Rank: 74041	37 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917	67 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 669 a304207300.cdn.optimizely.com — Cisco Umbrella Rank: 226690 logx.optimizely.com — Cisco Umbrella Rank: 1225	91 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2695 p1.parsely.com — Cisco Umbrella Rank: 2041	26 KB
2	igodigital.com 10510523.collect.igodigital.com — Cisco Umbrella Rank: 237766 nova.collect.igodigital.com — Cisco Umbrella Rank: 4300	3 KB
2	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 192 nd.demdex.net — Cisco Umbrella Rank: 138996	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	nine.com.au adc-js.nine.com.au — Cisco Umbrella Rank: 146622 adc.nine.com.au — Cisco Umbrella Rank: 147500	23 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 369	7 KB
2	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1217 mab.chartbeat.com — Cisco Umbrella Rank: 1984	11 KB
1	omtrdc.net fairfaxau.sc.omtrdc.net — Cisco Umbrella Rank: 739886	314 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 745	633 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	355 B
1	t.co t.co — Cisco Umbrella Rank: 455	337 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	15 KB
1	bizographics.com sjs.bizographics.com — Cisco Umbrella Rank: 21769	3 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	cloudfront.net d2uhnetoehh304.cloudfront.net	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	120 KB
150	33

	Domain	Requested by
19	www.afr.com	1 redirects www.afr.com
13	play.google.com	www.gstatic.com
12	static.ffx.io	www.afr.com
8	news.google.com	www.afr.com news.google.com www.gstatic.com
6	www.facebook.com	www.afr.com
6	cdn-gl.imrworldwide.com	www.afr.com cdn-gl.imrworldwide.com
6	securepubads.g.doubleclick.net	www.afr.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	www.gstatic.com	news.google.com www.gstatic.com
4	api.afr.com	www.afr.com
4	connect.facebook.net	www.afr.com connect.facebook.net
3	tpc.googlesyndication.com	www.afr.com
3	www.google.com	www.afr.com
3	au-script.dotmetrics.net	www.afr.com au-script.dotmetrics.net
2	ad.doubleclick.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	news.google.com fonts.googleapis.com
2	secure-dcr.imrworldwide.com	www.afr.com
2	adservice.google.com	1 redirects securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net www.afr.com
2	secure-gl.imrworldwide.com	secure-au.imrworldwide.com www.afr.com
2	l.ffx.io	www.afr.com
2	px.ads.linkedin.com	2 redirects
2	z.moatads.com	www.afr.com z.moatads.com
2	i.ffx.io	d2uhnetoehh304.cloudfront.net
2	s.yimg.com	www.afr.com s.yimg.com
1	pagead2.googlesyndication.com
1	nd.demdex.net	www.afr.com
1	fairfaxau.sc.omtrdc.net	www.afr.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	p1.parsely.com	www.afr.com
1	nova.collect.igodigital.com	www.afr.com
1	adc.nine.com.au	adc-js.nine.com.au
1	www.google.de	www.afr.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.parsely.com	www.googletagmanager.com
1	10510523.collect.igodigital.com	www.googletagmanager.com
1	dpm.demdex.net	www.afr.com
1	logx.optimizely.com	cdn.optimizely.com
1	js3stgkut98jtqv6pn0id3qj3dygc1656558124.nuid.imrworldwide.com	www.afr.com
1	46ff92099532df74a0ec3f50bcb1ad9c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	sp.analytics.yahoo.com	www.afr.com
1	mb.moatads.com	z.moatads.com
1	vars.hotjar.com	static.hotjar.com
1	analytics.twitter.com	www.afr.com
1	t.co	www.afr.com
1	px4.ads.linkedin.com	www.afr.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	mab.chartbeat.com	static.chartbeat.com
1	static.ads-twitter.com	www.afr.com
1	adc-js.nine.com.au	www.afr.com
1	secure-au.imrworldwide.com	1 redirects
1	sjs.bizographics.com	www.afr.com
1	apis.google.com	www.afr.com
1	snap.licdn.com	www.afr.com
1	static.hotjar.com	www.afr.com
1	static.chartbeat.com	www.afr.com
1	a304207300.cdn.optimizely.com	cdn.optimizely.com
1	d2uhnetoehh304.cloudfront.net	www.afr.com
1	www.googletagmanager.com	www.afr.com
1	cdn.optimizely.com	www.afr.com
1	frg.myaccount.afr.com	1 redirects
150	63

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
nine.com.au COMODO RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-06`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-06-07`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-08` - `2022-07-07`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-08-03`	2 months	crt.sh
*.9pub.io Amazon	`2021-11-29` - `2022-12-28`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2021-09-28` - `2022-09-28`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.api.nine.com.au Amazon	`2021-08-15` - `2022-09-13`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.dotmetrics.net Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.ninetech.dev Amazon	`2021-08-03` - `2022-09-01`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
logx.optimizely.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.collect.igodigital.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.afr.com/
Frame ID: 521ADCB8E4825418B3A9EAF965AA4FBB
Requests: 119 HTTP requests in this frame

Frame: https://a304207300.cdn.optimizely.com/client_storage/a304207300.html
Frame ID: 516008720763AF4379C36F02A06BE9F7
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 2F538186F53D8846F8DEDDE24E377DB0
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 9FA6BAA1F300024AC28F8106BC998562
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 3917AB99CFA938F717DE145AA157C5C8
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460155&publicationId=afr.com
Frame ID: B052015D6588D17E9204F9874EDCEDB0
Requests: 16 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 207DB6BBF3286A3710B8691436D356A5
Requests: 3 HTTP requests in this frame

Frame: https://46ff92099532df74a0ec3f50bcb1ad9c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1248F546A8FED8ED65C2AB9AEEC76561
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9706568082843.521;~oref=https://www.afr.com/
Frame ID: 636A794CB718FFB9F8BBCCB234DA3F0D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8EE434BDD91876EF80E38941F8D38634
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5D436899A9FB9140C85E17A90954D6AF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8193CAEF104313AEFF0541BDBD79E8A0
Requests: 1 HTTP requests in this frame

Frame: https://adc.nine.com.au/?appNexusUid=5240102274109068021
Frame ID: F7142FC30B05AB7CCDC13933AB6BA43D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://frg.myaccount.afr.com/ HTTP 301
http://www.afr.com/ HTTP 301
https://www.afr.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

150
Requests

97 %
HTTPS

54 %
IPv6

33
Domains

63
Subdomains

54
IPs

8
Countries

2602 kB
Transfer

7999 kB
Size

51
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C3Pa9LBK9YpGhJpSW-gau2IzIA5OT8vBq6Na4uugP_ZbFrZYOEAEgvdu5YGCV8p2CrAegAbDWgZkoyAEJqQID7woOX4WxPuACAKgDAcgDCqoE5wFP0KHP8PomVfa9z695adWeaDmDE-36qyE3zpD-FSDeCq9_hPSjhgFquWtRhGZ8u7_FmLuWyf753dLDmfDTUsGHn8HBsEaEnll--vIosZhx017SqY8xCHrXVyqtzRIYpiCYA8TX4jVI2Q53PslN_4eFIoDHX_bQM-xzbhYeOF7SGnSJRG19Syav83TpKSSDQ7tl8153372hVAu4S3kDnLzxCawC_WSuOlS0PCN-mQTHOJZFYxO38oCJXgRXZ8Ov3HUKhzNQj6yMqbNZJGIevUVMeb29I1joPDN68Cz-jfUEOCmfYsM89cLABPPNt8LuA-AEAaAGLoAHsI7S-AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAsQlBvwUyl66apoAKA5gLAcgLAYAMAbgMAbgTiCfYEwvQFQGYFgH4FgGAFwE&ae=1&num=1&cid=CAASUORoOpAHgu9WCfqueOD1glUmD-CducmO20UnDYPTZm3SJrsGU6Lr1Hu3nem70B9uW6lNmfN-qq-BlI7OF7hNKtrofu68Zf3aVA1Lo9dKiBQQ&sig=AOD64_0g3XyKp9ReSu4bcsWcoBin1xaw1g&client=ca-pub-8027655917349410&nb=9&adurl=https://vwautoabo.vwfs.de%3Ftraci_c%3DPerformanceMax%7CDE%7CSubscription%7CVolkswagen%7CAutoAbo:ho%26traci_s%3DSUB:VW:PD:Google:DisplayAd:2021-11%26traci_ee%3D15268030770:%7Badgroup%7D:::::%26gclid%3DEAIaIQobChMIkefF9JfU-AIVFIveCh0uLAM5EAEYASAAEgK2EPD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C3Pa9LBK9YpGhJpSW-gau2IzIA5OT8vBq6Na4uugP_ZbFrZYOEAEgvdu5YGCV8p2CrAegAbDWgZkoyAEJqQID7woOX4WxPuACAKgDAcgDCqoE5wFP0KHP8PomVfa9z695adWeaDmDE-36qyE3zpD-FSDeCq9_hPSjhgFquWtRhGZ8u7_FmLuWyf753dLDmfDTUsGHn8HBsEaEnll--vIosZhx017SqY8xCHrXVyqtzRIYpiCYA8TX4jVI2Q53PslN_4eFIoDHX_bQM-xzbhYeOF7SGnSJRG19Syav83TpKSSDQ7tl8153372hVAu4S3kDnLzxCawC_WSuOlS0PCN-mQTHOJZFYxO38oCJXgRXZ8Ov3HUKhzNQj6yMqbNZJGIevUVMeb29I1joPDN68Cz-jfUEOCmfYsM89cLABPPNt8LuA-AEAaAGLoAHsI7S-AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAsQlBvwUyl66apoAKA5gLAcgLAYAMAbgMAbgTiCfYEwvQFQGYFgH4FgGAFwE&ae=1&num=1&cid=CAASUORoOpAHgu9WCfqueOD1glUmD-CducmO20UnDYPTZm3SJrsGU6Lr1Hu3nem70B9uW6lNmfN-qq-BlI7OF7hNKtrofu68Zf3aVA1Lo9dKiBQQ&sig=AOD64_0g3XyKp9ReSu4bcsWcoBin1xaw1g&client=ca-pub-8027655917349410&nb=0&adurl=https://vwautoabo.vwfs.de%3Ftraci_c%3DPerformanceMax%7CDE%7CSubscription%7CVolkswagen%7CAutoAbo:ho%26traci_s%3DSUB:VW:PD:Google:DisplayAd:2021-11%26traci_ee%3D15268030770:%7Badgroup%7D:::::%26gclid%3DEAIaIQobChMIkefF9JfU-AIVFIveCh0uLAM5EAEYASAAEgK2EPD_BwE
Title: ID.4 in nur 2 Wochen lieferbar

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C3Pa9LBK9YpGhJpSW-gau2IzIA5OT8vBq6Na4uugP_ZbFrZYOEAEgvdu5YGCV8p2CrAegAbDWgZkoyAEJqQID7woOX4WxPuACAKgDAcgDCqoE5wFP0KHP8PomVfa9z695adWeaDmDE-36qyE3zpD-FSDeCq9_hPSjhgFquWtRhGZ8u7_FmLuWyf753dLDmfDTUsGHn8HBsEaEnll--vIosZhx017SqY8xCHrXVyqtzRIYpiCYA8TX4jVI2Q53PslN_4eFIoDHX_bQM-xzbhYeOF7SGnSJRG19Syav83TpKSSDQ7tl8153372hVAu4S3kDnLzxCawC_WSuOlS0PCN-mQTHOJZFYxO38oCJXgRXZ8Ov3HUKhzNQj6yMqbNZJGIevUVMeb29I1joPDN68Cz-jfUEOCmfYsM89cLABPPNt8LuA-AEAaAGLoAHsI7S-AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAsQlBvwUyl66apoAKA5gLAcgLAYAMAbgMAbgTiCfYEwvQFQGYFgH4FgGAFwE&ae=1&num=1&cid=CAASUORoOpAHgu9WCfqueOD1glUmD-CducmO20UnDYPTZm3SJrsGU6Lr1Hu3nem70B9uW6lNmfN-qq-BlI7OF7hNKtrofu68Zf3aVA1Lo9dKiBQQ&sig=AOD64_0g3XyKp9ReSu4bcsWcoBin1xaw1g&client=ca-pub-8027655917349410&nb=7&adurl=https://vwautoabo.vwfs.de%3Ftraci_c%3DPerformanceMax%7CDE%7CSubscription%7CVolkswagen%7CAutoAbo:ho%26traci_s%3DSUB:VW:PD:Google:DisplayAd:2021-11%26traci_ee%3D15268030770:%7Badgroup%7D:::::%26gclid%3DEAIaIQobChMIkefF9JfU-AIVFIveCh0uLAM5EAEYASAAEgK2EPD_BwE
Title: Jetzt kurzfristig verfügbar - der Volkswagen ID.4 wirdbequem zu Ihrer Haustür geliefert.

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C3Pa9LBK9YpGhJpSW-gau2IzIA5OT8vBq6Na4uugP_ZbFrZYOEAEgvdu5YGCV8p2CrAegAbDWgZkoyAEJqQID7woOX4WxPuACAKgDAcgDCqoE5wFP0KHP8PomVfa9z695adWeaDmDE-36qyE3zpD-FSDeCq9_hPSjhgFquWtRhGZ8u7_FmLuWyf753dLDmfDTUsGHn8HBsEaEnll--vIosZhx017SqY8xCHrXVyqtzRIYpiCYA8TX4jVI2Q53PslN_4eFIoDHX_bQM-xzbhYeOF7SGnSJRG19Syav83TpKSSDQ7tl8153372hVAu4S3kDnLzxCawC_WSuOlS0PCN-mQTHOJZFYxO38oCJXgRXZ8Ov3HUKhzNQj6yMqbNZJGIevUVMeb29I1joPDN68Cz-jfUEOCmfYsM89cLABPPNt8LuA-AEAaAGLoAHsI7S-AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAsQlBvwUyl66apoAKA5gLAcgLAYAMAbgMAbgTiCfYEwvQFQGYFgH4FgGAFwE&ae=1&num=1&cid=CAASUORoOpAHgu9WCfqueOD1glUmD-CducmO20UnDYPTZm3SJrsGU6Lr1Hu3nem70B9uW6lNmfN-qq-BlI7OF7hNKtrofu68Zf3aVA1Lo9dKiBQQ&sig=AOD64_0g3XyKp9ReSu4bcsWcoBin1xaw1g&client=ca-pub-8027655917349410&nb=8&adurl=https://vwautoabo.vwfs.de%3Ftraci_c%3DPerformanceMax%7CDE%7CSubscription%7CVolkswagen%7CAutoAbo:ho%26traci_s%3DSUB:VW:PD:Google:DisplayAd:2021-11%26traci_ee%3D15268030770:%7Badgroup%7D:::::%26gclid%3DEAIaIQobChMIkefF9JfU-AIVFIveCh0uLAM5EAEYASAAEgK2EPD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=C3Pa9LBK9YpGhJpSW-gau2IzIA5OT8vBq6Na4uugP_ZbFrZYOEAEgvdu5YGCV8p2CrAegAbDWgZkoyAEJqQID7woOX4WxPuACAKgDAcgDCqoE5wFP0KHP8PomVfa9z695adWeaDmDE-36qyE3zpD-FSDeCq9_hPSjhgFquWtRhGZ8u7_FmLuWyf753dLDmfDTUsGHn8HBsEaEnll--vIosZhx017SqY8xCHrXVyqtzRIYpiCYA8TX4jVI2Q53PslN_4eFIoDHX_bQM-xzbhYeOF7SGnSJRG19Syav83TpKSSDQ7tl8153372hVAu4S3kDnLzxCawC_WSuOlS0PCN-mQTHOJZFYxO38oCJXgRXZ8Ov3HUKhzNQj6yMqbNZJGIevUVMeb29I1joPDN68Cz-jfUEOCmfYsM89cLABPPNt8LuA-AEAaAGLoAHsI7S-AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgHAQARgdMgPrggE6AoBAsQlBvwUyl66apoAKA5gLAcgLAYAMAbgMAbgTiCfYEwvQFQGYFgH4FgGAFwE&ae=1&num=1&cid=CAASUORoOpAHgu9WCfqueOD1glUmD-CducmO20UnDYPTZm3SJrsGU6Lr1Hu3nem70B9uW6lNmfN-qq-BlI7OF7hNKtrofu68Zf3aVA1Lo9dKiBQQ&sig=AOD64_0g3XyKp9ReSu4bcsWcoBin1xaw1g&client=ca-pub-8027655917349410&nb=1&adurl=https://vwautoabo.vwfs.de%3Ftraci_c%3DPerformanceMax%7CDE%7CSubscription%7CVolkswagen%7CAutoAbo:ho%26traci_s%3DSUB:VW:PD:Google:DisplayAd:2021-11%26traci_ee%3D15268030770:%7Badgroup%7D:::::%26gclid%3DEAIaIQobChMIkefF9JfU-AIVFIveCh0uLAM5EAEYASAAEgK2EPD_BwE
Title: Volkswagen AutoAbo

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=Aa2KcEYyccly14fA1CJgcmMe4FWfyIraBFzM5yyga23A4794RYFQ4p6HaOUcbFWaJYen_-5Gy7oE1HizxYdawd9USJSXWuciVNhob1g62vo7nCZmUDJlMBmNPKde2JQxm6DTVTnIBIrEalshaWFUZmW6xzmwAoW1IV8eXoACVVAyI_6YV7RrLK1MqqCcJe0n92jlasv-iuBngYRXO_LRcm2a5pCh2f8ggZT2jYY2bKj34VHUGzW78Oc3L0Aanclt5lPjccwCQgU-FzUhaMV5adkKpTe9Z0OzYCUE3E6JWjABxuaPSVvHjiVUWx_tQ1pagNtbJUWhQ66Rj1Vg5P4YG1q-w_1VY5AgZKwmSpuBKQ5_Q8U0oq6h9MCvQpvex1llTIGRmLqBDSGPu7R8KpGpwhMiBA9HKQlbFB-CEMqYbSMDTp4G88GFSs6zi7TU6S_k4gJjG6HhoU4jo9FgyittQtQ7A36dqgdkZc4-XAip43O-5Jsl4YiLqVmgHYMC0Jl0lgl3Y1_Ab9V02WvTDu9G7Ayj_f8m-lJ_t5Ro7pP-NJ1NgbzChT2z6j1j_Zu2MN4UnjS8MuNfyKh-PQOVmbP-l9P3e7RHXWzpJeD41Tg0XCMP3kcet5KYz2nEZOMASR_H4Kd1dgC5yXhynbGM7fL-tfgS6fHus8xZCTYPMh8Pbu4GNm0fRPDv_ZQ0Ppjgpw9L3sAvSFxJrAC76S19ODNsgFD6bBd4b5YtQHhfR56o_VWmvquA-PzBsmM-78LNa7cGxDkclNwETp8jy1JBja_qjEvsFawvI6qWSCGBTp_DPEfwFessamE4NIz4cHrXE1EF-P4xVdZym_ImfxkJ9QtG2H4YaQOP7gZg4CzrMP7OwfNVaq70yOSg8u0MDSt30buAxTTPMKwcz3YRQhfNNoP8sIuZo9ou77OqvN6rWraY7kXMvNY0FeWA2xn-UKF6NdEdTS1h_Vj3VfCgLJIVn38TzUOGwkt047547PzMGDI8e1UzEIY_ne2aoh2lYQWQFoqhkwMJIWb6vfoyw44J-s2JNx54m9gbXrohLRoABa3t1ZqW3ACqGlYSvavvxACpNK98mmJtlRO4UEgn60aEDQxSXPjbONCsE1moKei2U0MWlfbC70jFzdvw6AhOnzHCGTPgYZXCfUSc2inURobD4h8VHE6-Ei31L2H5rtFfS4WpoYm1PsxWwbKkiQ2qQkvIjK21Vj47H_cNcMntfuYK_Fsq4QiGn2qr6xxn-s45kzVhpe9hXmeO3ojwfbG8Yi3823y25xgKtdKbF93wyDJfQZjQazEway6ghvhiyVum11NKmG83zew1zU_Pj-e1s9-T1emdqpQeX2mcCcXEKeE6Vrvfp7eMnzSSBOF543iB7l-uj2-V_KQssux6D0w7Gc5Qt94b8-TkWBkyKZtvUFWsZN_8mB8NMjIE_IG9VUF0BWPNmw301HTWQ_gfUYUBiLEDFBffISd91jI2rqc_Da89RvgU9I30bHQ2zn2wSTYIGdfI0fRvdIJ-i5f5Qmya6pLFlkyEpY4Jm9-x89_iCvfnzhVjPJdfQZpdmYC8SMzB_QyqprMerHv0XYbTrL-JG-k4rvzVRYl7WOoxI1LJjkyIx6wiTeGtjQIk46skbUL-3QqHTmlnYhEBrLKmmcOJHtwWh55cJh2MNz_1QrDDQmcGQoBoUUDfCRYl82EUuNFH0TBy-ST2Ux570I3vV13yfngfrh5iObHwI08EUwOxRTuHhRo566Eda_mpApY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://frg.myaccount.afr.com/ HTTP 301
http://www.afr.com/ HTTP 301
https://www.afr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://secure-au.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1656558124166&url=https%3A%2F%2Fwww.afr.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9724%252C3519914%26time%3D1656558124166%26url%3Dhttps%253A%252F%252Fwww.afr.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1656558124166&url=https%3A%2F%2Fwww.afr.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1656558124166&url=https%3A%2F%2Fwww.afr.com%2F&liSync=true&e_ipv6=AQIo47xiT1wCIQAAAYGyjv33qOWShMxTd1kZp3TDmxm4Wnn7GD6tWOeryiLCEyr6bIqA1k2W7Q5eA0OpLQlPv5Nc-UGfvg

Request Chain 119

https://ad.doubleclick.net/ddm/activity/src=6633783;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9706568082843.521 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9706568082843.521 HTTP 302
https://adservice.google.com/ddm/fls/p/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9706568082843.521;~oref=https://www.afr.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9706568082843.521;~oref=https://www.afr.com/

Request Chain 132

https://ib.adnxs.com/getuid?https://adc.nine.com.au?appNexusUid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fadc.nine.com.au%3FappNexusUid%3D%24UID HTTP 302
https://adc.nine.com.au/?appNexusUid=5240102274109068021

150 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.afr.com/
Redirect Chain

https://frg.myaccount.afr.com/
http://www.afr.com/
https://www.afr.com/

876 KB
127 KB

50ms
16ms

Document
text/html

2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

40806ed18b8706290e21f5696fc2a7e09acdddc32bc1012d2793338898616e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17
cache-control: public, max-age=20
content-encoding: gzip
content-length: 129983
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 03:02:03 GMT
etag: W/"db0e4-1rKc4ArmTRHihngf90OLtB4ZPHY"
strict-transport-security: max-age=31536000
uber-trace-id: 4a5678047a50bfe0:4a5678047a50bfe0:0:0
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-frame-options: sameorigin
x-served-by: cache-syd10153-SYD, cache-mxp6945-MXP
x-varnish-grace: none(fetch fresh)
x-xss-protection: 1; mode=block

Redirect headers

Accept-Ranges: bytes
Connection: close
Content-Length: 0
Date: Thu, 30 Jun 2022 03:02:03 GMT
Location: https://www.afr.com/
Retry-After: 0
Server: Varnish
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 0
X-Served-By: cache-mxp6925-MXP
X-Timer: S1656558123.185585,VS0,VE0

GET
H2 200 polyfillsGlobal.9a7cc821ad4b620e9ed3.legacy.js Show response
www.afr.com/assets/ 1 KB
764 B 27ms
26ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/polyfillsGlobal.9a7cc821ad4b620e9ed3.legacy.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e87ae526a0d5a8a2294f250cdc18b19166be66c0da0f8ea645d6b72d71189912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 86151
uber-trace-id: 2c8e11ba2c7cefd7:2c8e11ba2c7cefd7:0:0
x-cache: HIT, HIT
content-length: 538
etag: W/"4be-181ad533b50"
x-served-by: cache-syd10142-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:38:42 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 23, 2

GET
H2 200 europa.fe982887da82c5f58e09.legacy.js Show response
www.afr.com/assets/ 42 KB
12 KB 28ms
28ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/europa.fe982887da82c5f58e09.legacy.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82cfaf805346f8ba3bb53cb39ca9b53926aac73c04359c380683b12340c73100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 86182
uber-trace-id: 8e300befed140b68:8e300befed140b68:0:0
x-cache: HIT, HIT
content-length: 12426
etag: W/"a79f-181ad533b50"
x-served-by: cache-syd10152-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:38:42 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 13780390039.js Show response
cdn.optimizely.com/js/ 295 KB
89 KB 94ms
14ms Script
text/javascript 2a02:26f0:3500:88e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/13780390039.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

85039a60c5db441663f6de6c9f9c06d1a1ce7c1b91a40527ae84241522bc429c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: hC904JpHmUGfHSOPG40dPLu_PtM0cnRA
content-encoding: gzip
etag: "8f4662e724ce4e69bf4750a6e0feed2f"
x-amz-request-id: 0FR71JF5TTVXREGJ
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 3186
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="12";dur=0,cdnip;desc="2a02:26f0:3500:88e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 90253
x-amz-id-2: 9DSOVXq76iJ9JIcihJNpvgHkWDyDtGc4ao1tw6Q1ngr9a67SojBM0GHb3Lioad9bUVxw2bTzCVM=
last-modified: Wed, 29 Jun 2022 01:28:09 GMT
server: AmazonS3
date: Thu, 30 Jun 2022 03:02:03 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 5ffdbb59443539d3c93316d823ad5d77bed61091
static.ffx.io/images/$zoom_0.212%2C$multiply_3%2C$ratio_1.777778%2C$width_636%2C$x_399%2C$y_540/t_crop_custom/c_scale%2Cw_460%2Cq_88%2Cf_auto/ 17 KB
18 KB 72ms
21ms Image
image/webp 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.212%2C$multiply_3%2C$ratio_1.777778%2C$width_636%2C$x_399%2C$y_540/t_crop_custom/c_scale%2Cw_460%2Cq_88%2Cf_auto/5ffdbb59443539d3c93316d823ad5d77bed61091
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f738222292bf22b87ade409e38650b2e630aceee1b701b0aaa6739cba10d484a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 1254
edge-cache-tag: 489648020786392752181357792253309004286,233150356777644586609967547117299317369,5f5f4219172da4ec8104790896b11172
cache-tag: 489648020786392752181357792253309004286,233150356777644586609967547117299317369,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="5ffdbb59443539d3c93316d823ad5d77bed61091.webp"
content-length: 17906
x-cld-skey: 489648020786392752181357792253309004286 233150356777644586609967547117299317369 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Thu, 30 Jun 2022 02:16:27 GMT
server: cloudinary
x-timer: S1656558123.335804,VS0,VE1
etag: "d477e9f0abdec39e68cc3ce9d45d2656"
x-served-by: cache-mxp6932-MXP, cache-mxp6945-MXP
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 6011d6c8d51e93e628efd8e7aac7965d79cdc216
static.ffx.io/images/$zoom_0.3918%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_332/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 2 KB
2 KB 71ms
19ms Image
image/webp 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.3918%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_332/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/6011d6c8d51e93e628efd8e7aac7965d79cdc216
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: b9ca7bac26e6b77390b0dae8846126d9d715b684c83a52b0465f8f840bef69c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 1254
edge-cache-tag: 394461709187554975769523344903582970832,264993411361229185838381217415239675429,5f5f4219172da4ec8104790896b11172
cache-tag: 394461709187554975769523344903582970832,264993411361229185838381217415239675429,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="6011d6c8d51e93e628efd8e7aac7965d79cdc216.webp"
content-length: 1860
x-cld-skey: 394461709187554975769523344903582970832 264993411361229185838381217415239675429 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Tue, 17 Aug 2021 11:26:30 GMT
server: cloudinary
x-timer: S1656558123.335822,VS0,VE0
etag: "d06ad606f68134c16b50dcc73a034145"
x-served-by: cache-mxp6945-MXP, cache-mxp6945-MXP
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 de2c301d7b50fe23ff4695eba75f02a2a55444c2
static.ffx.io/images/$zoom_0.482%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 3 KB
3 KB 73ms
22ms Image
image/webp 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.482%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/de2c301d7b50fe23ff4695eba75f02a2a55444c2
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3748f6644234cbcd21add06e083e8759591ef08a9e73d5cdd5f0b4c8acf5aeac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 19043
edge-cache-tag: 299947589198353547651603152536628397713,318628788176802012469653460686038782227,5f5f4219172da4ec8104790896b11172
cache-tag: 299947589198353547651603152536628397713,318628788176802012469653460686038782227,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="de2c301d7b50fe23ff4695eba75f02a2a55444c2.webp"
content-length: 2836
x-cld-skey: 299947589198353547651603152536628397713 318628788176802012469653460686038782227 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Mon, 09 Aug 2021 02:07:32 GMT
server: cloudinary
x-timer: S1656558123.336232,VS0,VE1
etag: "2b9dcea78df070b9d7474a4a257ca21a"
x-served-by: cache-mxp6937-MXP, cache-mxp6945-MXP
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 5a70d01ede5741ad3f1c9159d944a49f9f20dad5
static.ffx.io/images/$zoom_0.5298%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_95/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ 7 KB
7 KB 491ms
440ms Image
image/webp 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.5298%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_95/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/5a70d01ede5741ad3f1c9159d944a49f9f20dad5
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: dd3c0f6289b88d42a1f6dce497e64189cda9de2b4bb8dfa43f1dd30a79b5c0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 254354545322528550875901885654229742798,290353056213031449390122538809588011302,5f5f4219172da4ec8104790896b11172
cache-tag: 254354545322528550875901885654229742798,290353056213031449390122538809588011302,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="5a70d01ede5741ad3f1c9159d944a49f9f20dad5.webp"
content-length: 6976
x-cld-skey: 254354545322528550875901885654229742798 290353056213031449390122538809588011302 5f5f4219172da4ec8104790896b11172
x-cache: MISS, MISS
last-modified: Thu, 30 Jun 2022 03:00:05 GMT
server: cloudinary
x-timer: S1656558123.336254,VS0,VE424
etag: "5bf9ac69095a529053e07aaa3fc27397"
x-served-by: cache-mxp6976-MXP, cache-mxp6945-MXP
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0

GET
H2 200 52e63f0a1564d2ac45e9fdd1432b016a1dd05266
static.ffx.io/images/$zoom_1.5977%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_1057%2C$y_61/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ 4 KB
4 KB 72ms
21ms Image
image/webp 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_1.5977%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_1057%2C$y_61/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/52e63f0a1564d2ac45e9fdd1432b016a1dd05266
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9514be057ce4d6848b93ee3e442d32afda1cc60f72e7e2e26eedce562eab0047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 1254
edge-cache-tag: 363888552700361879510949129430537514777,463547387218356960466586435931789605304,5f5f4219172da4ec8104790896b11172
cache-tag: 363888552700361879510949129430537514777,463547387218356960466586435931789605304,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="52e63f0a1564d2ac45e9fdd1432b016a1dd05266.webp"
content-length: 4076
x-cld-skey: 363888552700361879510949129430537514777 463547387218356960466586435931789605304 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Thu, 30 Jun 2022 02:35:35 GMT
server: cloudinary
x-timer: S1656558123.336192,VS0,VE0
etag: "64ef703914d1181c088b69ae0684f7ad"
x-served-by: cache-mxp6922-MXP, cache-mxp6945-MXP
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 d376d56b541530c10c7fac2c32612337aca934d7
static.ffx.io/images/$zoom_1.0605%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ 218 KB
219 KB 73ms
23ms Image
image/gif 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_1.0605%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/d376d56b541530c10c7fac2c32612337aca934d7
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: bd196e6c2034264bec25428ea96afd83aad8f94444106cd974bf3ec77cde2358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 6789
edge-cache-tag: 436339906396155934747849408143286775633,279201276080903789830978199768966409366,5f5f4219172da4ec8104790896b11172
cache-tag: 436339906396155934747849408143286775633,279201276080903789830978199768966409366,5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
content-length: 223682
x-served-by: cache-mxp6944-MXP, cache-mxp6945-MXP
x-cld-skey: 436339906396155934747849408143286775633 279201276080903789830978199768966409366 5f5f4219172da4ec8104790896b11172
last-modified: Thu, 30 Jun 2022 00:59:54 GMT
server: cloudinary
x-timer: S1656558123.336219,VS0,VE1
etag: "67d52ebe97028525c6904a751ad66bbe"
vary: User-Agent
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 dd8d0fb7866a03746a982aa1198c41068129f27f
static.ffx.io/images/$zoom_0.2948%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_120%2C$y_149/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/ 6 KB
6 KB 21ms
16ms Image
image/webp 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.2948%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_120%2C$y_149/t_crop_custom/c_scale%2Cw_220%2Cq_88%2Cf_auto/dd8d0fb7866a03746a982aa1198c41068129f27f
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 76616fe274686bb90918bb33f99a42ae9bc289f764ae269a36d2910811632856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 12200
edge-cache-tag: 195495274706296830492277713875145786464,410826856655211798594842490706663231736,5f5f4219172da4ec8104790896b11172
cache-tag: 195495274706296830492277713875145786464,410826856655211798594842490706663231736,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="dd8d0fb7866a03746a982aa1198c41068129f27f.webp"
content-length: 5650
x-cld-skey: 195495274706296830492277713875145786464 410826856655211798594842490706663231736 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Wed, 29 Jun 2022 23:02:05 GMT
server: cloudinary
x-timer: S1656558123.364763,VS0,VE1
etag: "26ae1f29ec4bb13f509c70be8ef2ddea"
x-served-by: cache-mxp6948-MXP, cache-mxp6945-MXP
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 8e705587464086e3ecbbf4884a1fc9a373b0896a
static.ffx.io/images/$zoom_3.7484%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_140%2Cq_auto:best%2Cfl_any_format/ 1 KB
2 KB 22ms
16ms Image
image/jpeg 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_3.7484%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_140%2Cq_auto:best%2Cfl_any_format/8e705587464086e3ecbbf4884a1fc9a373b0896a
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 494c5b686e9df0b93e2921c46438fdc1d805b3b565626eb3b5607660b4a1d00b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 1206417
edge-cache-tag: 481331485167265226211634659373925971669,296229324949609662698415196725029712831,5f5f4219172da4ec8104790896b11172
cache-tag: 481331485167265226211634659373925971669,296229324949609662698415196725029712831,5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
content-length: 1440
x-served-by: cache-mxp6975-MXP, cache-mxp6945-MXP
x-cld-skey: 481331485167265226211634659373925971669 296229324949609662698415196725029712831 5f5f4219172da4ec8104790896b11172
last-modified: Wed, 11 Aug 2021 15:59:34 GMT
server: cloudinary
x-timer: S1656558123.365031,VS0,VE1
etag: "ad6bb75e49f323a07082006b76c650dd"
vary: User-Agent
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 25cc8c74f48b08a60ab02df02ab9d248a21c0ea2
static.ffx.io/images/$width_80%2C$height_80/t_crop_fill%2Cq_auto:best%2Cfl_any_format/ 4 KB
4 KB 22ms
17ms Image
image/png 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$width_80%2C$height_80/t_crop_fill%2Cq_auto:best%2Cfl_any_format/25cc8c74f48b08a60ab02df02ab9d248a21c0ea2
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 432109c2f65cd665c817208a3a605803e56d3c96ef99f331585ecc0358a72568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 769328
edge-cache-tag: 255943101922487218792196433236061215190,353177647778062237884871266395810378604,5f5f4219172da4ec8104790896b11172
cache-tag: 255943101922487218792196433236061215190,353177647778062237884871266395810378604,5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
content-length: 4010
x-served-by: cache-mxp6946-MXP, cache-mxp6945-MXP
x-cld-skey: 255943101922487218792196433236061215190 353177647778062237884871266395810378604 5f5f4219172da4ec8104790896b11172
last-modified: Fri, 26 Mar 2021 03:02:02 GMT
server: cloudinary
x-timer: S1656558123.365010,VS0,VE1
etag: "0c2cf64694db678bf5ff19524a079bf6"
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 389 KB
120 KB 64ms
17ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cde37ef271eb61e2946bbfc9099260079e65f2822d66946f20049af50be89364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122821
x-xss-protection: 0
expires: Thu, 30 Jun 2022 03:02:03 GMT

GET
H2 200 sp.js Show response
d2uhnetoehh304.cloudfront.net/2.11.0-patched/ 97 KB
30 KB 58ms
8ms Script
application/javascript 2600:9000:214f:a00:10:2964:9d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:10:2964:9d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3c78596628f7e53c40bbfd0e9eed225181c4c2933a6e051e8fa46c30b221d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:49:07 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 01:09:01 GMT
server: AmazonS3
age: 4515176
etag: W/"80b7ca5bd7a7e17f33545663b8f8423f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: yjQarTgv4fE1CO57Dt7Q0Qc5ogo5zPZKj2rZPWrPp6zrTfcPPfIl4w==

GET
H2 200 9a774230.svg
www.afr.com/assets/ 3 KB
738 B 21ms
18ms Image
image/svg+xml 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.afr.com/assets/9a774230.svg

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bcf86c48df6f76b921cce4d3b354c52312027494dbac002cf58ff39ca8593ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"bf5-17f95fef748"
age: 9024261
uber-trace-id: 3726581a696669d6:3726581a696669d6:0:0
x-cache: HIT, HIT
content-length: 460
x-served-by: cache-syd10135-SYD, cache-mxp6945-MXP
last-modified: Thu, 17 Mar 2022 03:49:49 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 11459, 2

GET
H2 200 0d96eeec.svg
www.afr.com/assets/ 6 KB
3 KB 26ms
23ms Image
image/svg+xml 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.afr.com/assets/0d96eeec.svg

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b56cf3ff69da24ee4d01b00d8bbad12a602a1f083e47c6646b02b639fd633fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"18fe-17f95fef748"
age: 9026386
uber-trace-id: 4067855082a3122b:4067855082a3122b:0:0
x-cache: HIT, HIT
content-length: 2780
x-served-by: cache-syd10154-SYD, cache-mxp6945-MXP
last-modified: Thu, 17 Mar 2022 03:49:49 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 191, 1

GET
H2 200 suecanano-regular-webfont.woff2
www.afr.com/fonts/ 18 KB
18 KB 18ms
17ms Font
font/woff2 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecanano-regular-webfont.woff2

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a44fb6a26732b7892f2802aee69fb0413ecd26b508b5c79720a48c485f4889ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"4664-181ad5254d8"
age: 43842
uber-trace-id: 281887165a6b6bb9:281887165a6b6bb9:0:0
x-cache: HIT, HIT
content-length: 18020
x-served-by: cache-syd10124-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:37:43 GMT
date: Thu, 30 Jun 2022 03:02:03 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 3, 2

GET
H2 200 suecahd-regular-webfont.woff2
www.afr.com/fonts/ 22 KB
23 KB 22ms
21ms Font
font/woff2 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecahd-regular-webfont.woff2

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

338140f080782dd9fc999b9c240cde15f599e7ffd10b3fd3d9085717d38ad8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"59b8-181ad5254d8"
age: 43779
uber-trace-id: 10246d44e0607ebd:10246d44e0607ebd:0:0
x-cache: HIT, HIT
content-length: 22968
x-served-by: cache-syd10171-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:37:43 GMT
date: Thu, 30 Jun 2022 03:02:03 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 suecahd-regularitalic-webfont.woff2
www.afr.com/fonts/ 24 KB
24 KB 20ms
19ms Font
font/woff2 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecahd-regularitalic-webfont.woff2

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fa84adaa52138db2f2ca946b1e3ce31105a39a9a1f1b5fb25ad456241c2d0e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"5f4c-181ad5254d8"
age: 41384
uber-trace-id: afcbebb70c693826:afcbebb70c693826:0:0
x-cache: HIT, HIT
content-length: 24396
x-served-by: cache-syd10169-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:37:43 GMT
date: Thu, 30 Jun 2022 03:02:03 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 6, 2

GET
H2 200 suecanano-semibold-webfont.woff2
www.afr.com/fonts/ 17 KB
18 KB 21ms
20ms Font
font/woff2 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecanano-semibold-webfont.woff2

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

85b23ef2b5d148948a0e393c8af051177f818b7fb18cda003998916666caabee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"45f0-181ad5258c0"
age: 34602
uber-trace-id: f22706dd948de910:f22706dd948de910:0:0
x-cache: HIT, HIT
content-length: 17904
x-served-by: cache-syd10122-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:37:44 GMT
date: Thu, 30 Jun 2022 03:02:03 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 2, 2

GET
H2 200 suecahd-bold-webfont.woff2
www.afr.com/fonts/ 22 KB
22 KB 16ms
16ms Font
font/woff2 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/fonts/suecahd-bold-webfont.woff2

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f1b3c20947609880fa669248919d46ad2b26b995cd8f7e2f3d764dff3e47bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish, 1.1 varnish
etag: W/"5844-181ad5254d8"
age: 43450
uber-trace-id: 841829891f7f8039:841829891f7f8039:0:0
x-cache: HIT, HIT
content-length: 22596
x-served-by: cache-syd10164-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:37:43 GMT
date: Thu, 30 Jun 2022 03:02:03 GMT
x-frame-options: sameorigin
content-type: font/woff2
cache-control: public, max-age=86400
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 2, 2

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38814c5240d913c5270db8b8c3eae9f192489b2d2752b63c30562c4287f70015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vendorsReactRedux_client.ec2e17057b2710612e40.chunk.js Show response
www.afr.com/assets/ 156 KB
51 KB 24ms
22ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/vendorsReactRedux_client.ec2e17057b2710612e40.chunk.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5cd43db47fc8e6f2622adeeaf4a96db72992e066e284b533dcd44596508fc4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 86161
uber-trace-id: 946b1603ea858146:946b1603ea858146:0:0
x-cache: HIT, HIT
content-length: 52206
etag: W/"27006-181ad533380"
x-served-by: cache-syd10168-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:38:40 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 vendorsHtmlparser2_client.567beaf315ead3a67e15.chunk.js Show response
www.afr.com/assets/ 126 KB
40 KB 28ms
26ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/vendorsHtmlparser2_client.567beaf315ead3a67e15.chunk.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6a7b65ce161c419f9e21562f35e8625ee6126e92cca53436c843e3987aad70f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 86100
uber-trace-id: 8386eb82b5d9674e:8386eb82b5d9674e:0:0
x-cache: HIT, HIT
content-length: 40369
etag: W/"1f845-181ad533380"
x-served-by: cache-syd10122-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:38:40 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none(fetch fresh)
accept-ranges: bytes
x-cache-hits: 18, 2

GET
H2 200 vendors_client.898ce34d3220fe5a0fab.chunk.js Show response
www.afr.com/assets/ 785 KB
217 KB 31ms
29ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/vendors_client.898ce34d3220fe5a0fab.chunk.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4590f1130c542f6520dd37fa7095416cb8a3873c6b24c496e0df1eb7b5257580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 86183
uber-trace-id: c67e281b73f13dbf:c67e281b73f13dbf:0:0
x-cache: HIT, HIT
content-length: 221882
etag: W/"c42d1-181ad533380"
x-served-by: cache-syd10156-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:38:40 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H2 200 client.57e399003a3ac519f832.js Show response
www.afr.com/assets/ 626 KB
155 KB 32ms
31ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/client.57e399003a3ac519f832.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ec59d3afb521f71c9cede663ee7a22971bb15c27cf2ed404fc300031c0f3e479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 86161
uber-trace-id: 6a19bed5cd9f3605:6a19bed5cd9f3605:0:0
x-cache: HIT, HIT
content-length: 158678
etag: W/"9c8f6-181ad533380"
x-served-by: cache-syd10172-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:38:40 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 100, 1

GET
H2 200 Homepage.622deaa8b832ff0dc2f5.chunk.js Show response
www.afr.com/assets/ 76 KB
18 KB 29ms
28ms Script
application/javascript 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/Homepage.622deaa8b832ff0dc2f5.chunk.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a3451e3e88e41410af3fa902aa6cb51d3b496ac00f169c40381bd0251869b8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://www.afr.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 86149
uber-trace-id: 13e694400a8bedf6:13e694400a8bedf6:0:0
x-cache: HIT, HIT
content-length: 18735
etag: W/"12e48-181ad533380"
x-served-by: cache-syd10137-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:38:40 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 12, 1

GET
H2 200 client.57e399003a3ac519f832.css
www.afr.com/assets/ 174 KB
28 KB 22ms
21ms Stylesheet
text/css 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/client.57e399003a3ac519f832.css

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b9818982e699dcb8e9028532aeec80c810621d6020ddb48a36d0edb8051fb06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 86110
uber-trace-id: 50b87d5a9c1e31a0:50b87d5a9c1e31a0:0:0
x-cache: HIT, HIT
content-length: 28256
etag: W/"2b89d-181ad533380"
x-served-by: cache-syd10153-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:38:40 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 14, 2

GET
H2 200 Homepage.622deaa8b832ff0dc2f5.chunk.css
www.afr.com/assets/ 79 KB
12 KB 32ms
31ms Stylesheet
text/css 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/Homepage.622deaa8b832ff0dc2f5.chunk.css

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

46fbe503b3f207f3da5c95a0d9fb494dc93d6c57c1e89fc885a2169c731fb6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 86108
uber-trace-id: 22ffc7c6b0997c47:22ffc7c6b0997c47:0:0
x-cache: HIT, HIT
content-length: 12045
etag: W/"13ca7-181ad533380"
x-served-by: cache-syd10123-SYD, cache-mxp6945-MXP
last-modified: Wed, 29 Jun 2022 02:38:40 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none(fetch fresh)
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 63ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/assets/europa.fe982887da82c5f58e09.legacy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

874cf4e22d967cd0b7fb05e18beb2159f79c74b237db9c57be665b2968d8dbbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28077
x-xss-protection: 0
server: sffe
etag: "1259 / 512 of 1000 / last-modified: 1656540372"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Jun 2022 03:02:03 GMT

GET
H2 200 a304207300.html Show response
a304207300.cdn.optimizely.com/client_storage/ Frame 5160 3 KB
2 KB 188ms
14ms Document
text/html 23.206.209.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a304207300.cdn.optimizely.com/client_storage/a304207300.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/13780390039.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.206.209.10 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-206-209-10.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

8b72c10e7cef9d58e030a96817fa2c3e896fa60311541d575d7d27c3c1b693bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 994
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 03:02:03 GMT
etag: "fd8517ac0379020a95f1c967277d0eb8"
last-modified: Wed, 29 Jun 2022 20:38:21 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="12";dur=0,cdnip;desc="23.206.209.10";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: TzIMFupBK6uWJ/AzJzAHLWhk3U8wEm210uQUmoyPCe9H3EUnFuFjtktO+zO6oVSdFOlO4cWfrLk=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: TVKKXP1HSQ26XZT2
x-amz-server-side-encryption: AES256
x-amz-version-id: m3TqB0hrA2JxToASN_GB6qxxR0UDzJZC

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 81ms
15ms Script
application/x-javascript 2600:9000:2070:7000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:7000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e35796493f977523161a6a88ad31128de3d1268aa0d0c55b202c50f5e95f043b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 01:05:42 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 01:43:59 GMT
server: nginx
age: 6981
etag: W/"62b516df-5c0e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: utUFAXJD3-8H6OlKfxtwNBJbrDC_oYE8U79dAzs-Gf791jsJnRZ-bw==
expires: Thu, 30 Jun 2022 03:05:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 52ms
31ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: CQYNWvkCNLVWstuUTg5J7TOzxuH1TbS9MAjipuzd4/+GX9iCRdxyJKFDAxcr4scrf2Y8sFS2kdWlH1aTNorHzg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Jun 2022 03:02:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-182799.js Show response
static.hotjar.com/c/ 5 KB
2 KB 94ms
34ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-182799.js?sv=6

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

faaa574700f878dd7ceb8d8ef9bea5d5e060ba574ae90fe593f8099fe8f205b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:03 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/9707d38d5d4c10e562825cff76431081
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: _fyz1DvIK9ZE8Ua8B2zlMfIWPpx8SNVbRVi69JzndmqqtSNEC3aq3g==
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 56ms
9ms Script
application/x-javascript 2a02:26f0:ef::5c7b:c24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 03:02:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=54839
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 72ms
14ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: YZSMQGRB05HJ865M
x-amz-id-2: 91+tSZY0RCnZnfKIn7oI7yyNm1ji3BB6twYGXJ4P64ZSa8zmrcz572LK0q9Loid/fgnNZgkjX+c=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

OPTIONS
H/1.1 200
OK tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 0
0 1148ms
276ms Preflight 3.104.230.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.104.230.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-104-230-68.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.afr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.afr.com
Connection: keep-alive
Content-Length: 0
Date: Thu, 30 Jun 2022 03:02:04 GMT
Server: akka-http/10.0.9

GET
H2 200 0dce9b9f8435c1f152ac6079877f701b.sprite.svg Show response
www.afr.com/assets/svg/ 95 KB
35 KB 24ms
23ms XHR
image/svg+xml 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afr.com/assets/svg/0dce9b9f8435c1f152ac6079877f701b.sprite.svg

Requested by

Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.898ce34d3220fe5a0fab.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea85962c6546b1811ad00ad17674ee28a369bfb07be765e4071157b76f620ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"17c8e-180ef919c38"
age: 3270131
uber-trace-id: 2585c7055c6f770e:2585c7055c6f770e:0:0
x-cache: HIT, HIT
content-length: 35487
x-served-by: cache-syd10127-SYD, cache-mxp6945-MXP
last-modified: Mon, 23 May 2022 06:18:59 GMT
x-frame-options: sameorigin
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
x-varnish-grace: none
accept-ranges: bytes
x-cache-hits: 2974, 2

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/assets/client.57e399003a3ac519f832.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e22721ce191cab06c0f7269431a9eac8a32579d764c2e005852d3502c459fc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 30 Jun 2022 03:02:03 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "e961625a9b34a42f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 03:02:03 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 146 KB
46 KB 52ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.afr.com
URL: https://www.afr.com/assets/client.57e399003a3ac519f832.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

117b6e78ac1db5701b7f7b07a6bf8e5997b27a2e8c96b0b927e3eb9c6c244b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 02:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46002
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 18:06:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 03:49:03 GMT

POST
H/1.1 200
OK tp2 Show response
i.ffx.io/com.snowplowanalytics.snowplow/ 2 B
435 B 1100ms
276ms XHR
text/plain 3.104.230.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.11.0-patched/sp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.104.230.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-104-230-68.ap-southeast-2.compute.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 30 Jun 2022 03:02:06 GMT
Server: akka-http/10.0.9
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.afr.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

GET
H2 200 graphql Show response
api.afr.com/ 196 B
261 B 847ms
825ms XHR
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20memberDetailsAndSubscriptions%20%7B%20memberDetails%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20member%20%7B%20profile%20%7B%20displayName%20email%20roles%20%7B%20accountId%20role%20%7D%20shortID%20type%20%7D%20%7D%20%7D%20memberSubscriptionDetails%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20subscription%20%7B%20entitlements%20plans%20%7D%20%7D%20%7D%20&operationName=memberDetailsAndSubscriptions&variables=%7B%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.898ce34d3220fe5a0fab.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 714892f1fc598fef48b0331e7af69cdac69bfb2cec684d199b8650da4a278c75

Request headers

Accept: application/json
Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-syd10130-SYD, cache-mxp6945-MXP
vary: Origin, Accept-Encoding
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: private, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 196
x-cache-hits: 0, 0

GET
H2 200 graphql Show response
api.afr.com/ 165 B
370 B 274ms
255ms XHR
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20Account%20%7B%20account%20%7B%20autoplay%20error%20%7B%20message%20type%20%7D%20location%20%7B%20postCode%20state%20suburb%20%7D%20onboarding%20%7B%20newsfeed%20tags%20%7D%20%7D%20%7D%20&operationName=Account&variables=%7B%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.898ce34d3220fe5a0fab.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 07a7e43a30c29cd24df54879f4fc788b60a76962f3b3c5623717c19762240225

Request headers

Accept: application/json
Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-syd10136-SYD, cache-mxp6945-MXP
vary: Origin, Accept-Encoding
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: private, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 165
x-cache-hits: 0, 0

GET
H2 200 graphql Show response
api.afr.com/ 15 KB
3 KB 281ms
262ms XHR
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20MostPopularQuery(%24assetType%3A%20String%2C%20%24brand%3A%20String!%2C%20%24count%3A%20Int%2C%20%24primaryCategory%3A%20String%2C%20%24subCategory%3A%20String%2C%20%24tags%3A%20%5BString!%5D)%20%7B%20mostPopularStories(%20assetType%3A%20%24assetType%20brand%3A%20%24brand%20category%3A%20%24primaryCategory%20count%3A%20%24count%20subCategory%3A%20%24subCategory%20tags%3A%20%24tags%20)%20%7B%20...AssetFragment%20%7D%20%7D%20fragment%20AssetFragment%20on%20Asset%20%7B%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20%7D%20assetType%20dates%20%7B%20firstPublished%20modified%20published%20%7D%20id%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20label%20tags%20%7B%20primary%3A%20primaryTag%20%7B%20...AssetTag%20%7D%20secondary%20%7B%20...AssetTag%20%7D%20%7D%20urls%20%7B%20...AssetURLs%20%7D%20%7D%20fragment%20AssetTag%20on%20AssetTagDetails%20%7B%20company%20%7B%20exchangeCode%20stockCode%20%7D%20context%20displayName%20id%20name%20shortID%20slug%20urls%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20AssetURLs%20on%20AssetURLs%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20aspect%20autocrop%20cropWidth%20id%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&operationName=MostPopularQuery&variables=%7B%22brand%22%3A%22afr%22%2C%22count%22%3A6%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.898ce34d3220fe5a0fab.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 313e62763404ea9042891393159d0dc7162b42895951b40050bb61f2885d6a00

Request headers

Accept: application/json
Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
age: 39
x-served-by: cache-syd10177-SYD, cache-mxp6945-MXP
vary: Accept-Encoding, Origin
x-cache: HIT, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: public, max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3369
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 7, 0

GET
H2 200 graphql Show response
api.afr.com/ 145 B
238 B 760ms
744ms XHR
application/json 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.afr.com/graphql?query=query%20AudienceSegmentsQuery(%24userId%3A%20String!)%20%7B%20audienceSegments(userId%3A%20%24userId)%20%7B%20segments%20%7B%20engagementSegment%20%7B%20batchTime%20userSegment%20%7D%20%7D%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20%7D%20%7D%20&operationName=AudienceSegmentsQuery&variables=%7B%22userId%22%3A%22deaf2340-02a0-407d-9f11-64ec49ee4702%22%7D
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.898ce34d3220fe5a0fab.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 14e4b088db7fbce1fc7c9e34f33ce0766a0359a92f87b73df2b4b72d24a6a769

Request headers

Accept: application/json
Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
age: 0
x-served-by: cache-syd10150-SYD, cache-mxp6945-MXP
vary: Origin, Accept-Encoding
x-cache: MISS, MISS
content-type: application/json
access-control-allow-origin: https://www.afr.com
cache-control: public, max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 129
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 8 KB
3 KB 39ms
8ms Script
application/x-javascript 2a02:26f0:ef::5c7b:c24a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 03:02:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13370
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-au.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

7ms
7ms

Script
application/javascript

2600:9000:2240:6c00:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Server: 2600:9000:2240:6c00:2:42d9:3100:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63793d0dda6a57cfdf005435a1cbda2052aa34df8fbc277806d2449a5e69908c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: HQt8XLE5nRbGo0DeooyU3tu0mXB8SOSL
content-encoding: gzip
etag: W/"065495f1bf20afdc4c798bb0c22a52b9"
last-modified: Tue, 31 May 2022 17:05:49 GMT
server: AmazonS3
age: 5978
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 30 Jun 2022 01:22:27 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ynlvewuuQwQLolYan4_xq7p7YXR1-qxZuavfnGas9cDjRxb1ZeIBow==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Thu, 30 Jun 2022 03:02:04 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 ggcmb510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 71ms
7ms Script
application/javascript 2600:9000:2240:6c00:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6c00:2:42d9:3100:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: _Isx3_6AiijzpGgrItbC9uhtJub9Rgu3
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
age: 1499
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 30 Jun 2022 02:45:44 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: z2Ak0hArNP_5Cz5mGBGmbB2FzD5yvAG3T5SLni6yzRM32O-I69A1CQ==

GET
H/1.1 200
OK adc.js Show response
adc-js.nine.com.au/ 76 KB
23 KB 242ms
15ms Script
application/javascript 2600:9000:238d:ec00:7:3896:c640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adc-js.nine.com.au/adc.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:ec00:7:3896:c640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 934d4d6010b2bfc6795c8212555ff307c8e883a8fa5f974f601773d4f17e156f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 02:58:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 06:12:51 GMT
Server: AmazonS3
Age: 220
ETag: W/"23c4e4ce44af9dfacd823a16445bddda"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=utf-8
Via: 1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
X-Amz-Cf-Pop: AMS1-P1
X-Amz-Cf-Id: V0wupWddvJgYtZy44zSzOq6BQf96x3yvgt7Z9joRMNcLVoEkMCTCEg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 82ms
21ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kiad7000159-IAD, cache-muc13923-MUC

GET
H2 200 door.js Show response
au-script.dotmetrics.net/ 8 KB
3 KB 812ms
749ms Script
application/javascript 13.32.121.112

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/door.js?d=www.afr.com&t=homepage
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.112 , United States, ASN (),
Reverse DNS: server-13-32-121-112.fra60.r.cloudfront.net
Software: Kestrel /
Resource Hash: a32f10766daad6da04be2c21bf0571471b67b3df8c87e7ac226cb2aa7300a47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA60-P1
etag: ".www.afr.com.homepage.208.2022063003"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: RpjxiA4Iu4ANZYeyaXaAeJeGziQK63JwJ8fs9hyzWwUpfyLv3FxfqA==

GET
H2 200 moatheader.js Show response
z.moatads.com/fairfaxheader492510264302/ 239 KB
83 KB 43ms
8ms Script
application/x-javascript 104.90.105.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/fairfaxheader492510264302/moatheader.js
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/europa.fe982887da82c5f58e09.legacy.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.105.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-105-234.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 76a8d9ee2ab95151ad66a1a171b98906ffb973ba502c1620525f873ef3cc2b13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 14:27:47 GMT
server: AmazonS3
x-amz-request-id: R6N3RW2Z30XNSRQC
etag: "764e3c91bcac742247ddaf7370d8caa4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=38667
accept-ranges: bytes
content-length: 84062
x-amz-id-2: vcmcKfbFVXOlIt+UD88OqNlWu7TInMg0O72v8Yi0zG15INE5ZI1Af6j/ScTPDCnrsvPk1//LGLs=

GET
H2 200 2d944877d5b4995de13fd54452477a76e782d473
static.ffx.io/images/$zoom_0.2627%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_91%2C$y_63/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 5 KB
5 KB 17ms
16ms Image
image/webp 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.2627%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_91%2C$y_63/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/2d944877d5b4995de13fd54452477a76e782d473
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 847e5c887342fa55588f7ffb3ecec3914c4069f45cf17be89ea6109724ac0cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 1250
edge-cache-tag: 375622498406223994748266692303241196173,197755863766987766398103523022069498128,5f5f4219172da4ec8104790896b11172
cache-tag: 375622498406223994748266692303241196173,197755863766987766398103523022069498128,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="2d944877d5b4995de13fd54452477a76e782d473.webp"
content-length: 5050
x-cld-skey: 375622498406223994748266692303241196173 197755863766987766398103523022069498128 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Thu, 30 Jun 2022 02:27:52 GMT
server: cloudinary
x-timer: S1656558124.093368,VS0,VE1
etag: "ef5a5050e02fa679c7e067d2e8cea8e9"
x-served-by: cache-mxp6972-MXP, cache-mxp6945-MXP
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 701d5b95a6ad8a7eb00979a4337d31ea495ee25a
static.ffx.io/images/$zoom_0.3394%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_431%2C$y_557/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 2 KB
2 KB 17ms
16ms Image
image/webp 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.3394%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_431%2C$y_557/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/701d5b95a6ad8a7eb00979a4337d31ea495ee25a
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ab5bd2c29eea2f5100bce1ea4308f3342105b8e0052bf998c0c3d657353f2003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 6790
edge-cache-tag: 260556018208156836828827783203235845656,417810833168218685928561995155732828426,5f5f4219172da4ec8104790896b11172
cache-tag: 260556018208156836828827783203235845656,417810833168218685928561995155732828426,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="701d5b95a6ad8a7eb00979a4337d31ea495ee25a.webp"
content-length: 2002
x-cld-skey: 260556018208156836828827783203235845656 417810833168218685928561995155732828426 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Thu, 30 Jun 2022 00:49:00 GMT
server: cloudinary
x-timer: S1656558124.093475,VS0,VE1
etag: "ab60f53c9616a43e472eb1985d7e4c59"
x-served-by: cache-mxp6952-MXP, cache-mxp6945-MXP
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 89829e1efd1aa256b0f787c3079e3e7a78615187
static.ffx.io/images/$zoom_0.7764%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 14 KB
14 KB 18ms
16ms Image
image/webp 2a04:4e42:600::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ffx.io/images/$zoom_0.7764%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/89829e1efd1aa256b0f787c3079e3e7a78615187
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d8feb725824de14c0eab4ff5990ad89ec208b9b396a77b63e581984773901b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 1245
edge-cache-tag: 293173998845088585689317881391156959385,432359355882532820353656900424552745469,5f5f4219172da4ec8104790896b11172
cache-tag: 293173998845088585689317881391156959385,432359355882532820353656900424552745469,5f5f4219172da4ec8104790896b11172
content-disposition: inline; filename="89829e1efd1aa256b0f787c3079e3e7a78615187.webp"
content-length: 13962
x-cld-skey: 293173998845088585689317881391156959385 432359355882532820353656900424552745469 5f5f4219172da4ec8104790896b11172
x-cache: MISS, HIT
last-modified: Mon, 27 Dec 2021 20:53:47 GMT
server: cloudinary
x-timer: S1656558124.100109,VS0,VE1
etag: "c461f146bc652c339ae90079888c1aaf"
x-served-by: cache-mxp6960-MXP, cache-mxp6945-MXP
vary: User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 pubads_impl_2022062202.js Show response
securepubads.g.doubleclick.net/gpt/ 370 KB
126 KB 7ms
6ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

3d7416be1bc5914a26e73381ee8059e412f382f8e42bddfeebe630ed70193731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 08:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128508
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 21:21:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Jun 2023 08:39:34 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 127 B
123 B 43ms
26ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.afr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

97244fdc464b19592f897622016af89b6d6923ee004b9d225d12010a09224578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Thu, 30 Jun 2022 03:02:04 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 2 KB
977 B 69ms
15ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=afr.com&domain=afr.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bc43fb6d91065d5349483970505710ab4194f96a0e91a2e6fb1bccb8bb6ea8d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
x-cache-hits: 1
age: 1853
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 624
x-served-by: cache-mxp6934-MXP
access-control-allow-origin: *
x-timer: S1656558124.220554,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Tue, 28 Jun 2022 02:31:10 GMT

GET
H2 200 modules.e0f9a963b7d4b193cd64.js Show response
script.hotjar.com/ 243 KB
63 KB 47ms
7ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e0f9a963b7d4b193cd64.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-182799.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

14985928b15bd12c655b3c4e2aa400bec14add042eef99423cf5f1b37631d54c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48057
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64018
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 13:40:55 GMT
etag: "ed88526504ddc1265fe4032f28900bc6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d04699b52d8873377c4b5f4e7dcf7068.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: whwKJvupmxjliHcIM7oZP90p5n_AmiIehwlkF0nciU0tcdJozpFI7Q==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1656558124166&url=https%3A%2F%2Fwww.afr.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9724%252C3519914%26time%3D1656558124166%26url%3Dhttps%253A%252F%252Fwww.afr.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1656558124166&url=https%3A%2F%2Fwww.afr.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1656558124166&url=https%3A%2F%2Fwww.afr.com%2F&liSync=true&e_ipv6=AQIo47xiT1wCIQAAAYGyjv33qOWShMxTd1kZp3TDmxm4Wnn7GD6tWOeryiL...

0
264 B

157ms
112ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1656558124166&url=https%3A%2F%2Fwww.afr.com%2F&liSync=true&e_ipv6=AQIo47xiT1wCIQAAAYGyjv33qOWShMxTd1kZp3TDmxm4Wnn7GD6tWOeryiLCEyr6bIqA1k2W7Q5eA0OpLQlPv5Nc-UGfvg
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 744FC11C78AC401D9AA136CF9EE0BE7D Ref B: FRAEDGE1515 Ref C: 2022-06-30T03:02:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXioX6SWGABaLf3c/rKmA==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 30 Jun 2022 03:02:04 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 47744606FFF04904A171FE9E2B92C2AD Ref B: FRAEDGE1312 Ref C: 2022-06-30T03:02:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1656558124166&url=https%3A%2F%2Fwww.afr.com%2F&liSync=true&e_ipv6=AQIo47xiT1wCIQAAAYGyjv33qOWShMxTd1kZp3TDmxm4Wnn7GD6tWOeryiLCEyr6bIqA1k2W7Q5eA0OpLQlPv5Nc-UGfvg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXioX6PvXcTLEltHneG8g==

GET
H2 200 10167837.json Show response
s.yimg.com/wi/config/ 2 B
450 B 45ms
14ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10167837.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 02:26:21 GMT
x-content-type-options: nosniff
age: 2144
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: PY6DD0GPX7H9VJFY
x-amz-id-2: NW7CPSEz3qds84sjh1JN5iazPkyzGqNRdPISrVrX1x+eH2rCNRS1pxc4TMgtUbIO9AXP7hYKKzs=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
21 KB 49ms
11ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 02:54:31 GMT
x-content-type-options: nosniff
age: 453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21972
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 03:44:31 GMT

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 35ms
13ms Other
image/svg+xml 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 02:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 03:18:27 GMT

GET
H3 200 419599435931961 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 59ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/419599435931961?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a2d16956f3add5b1dd93e812dccb2f6685d5dbb1d5b1210dad04e6d30aea5a4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: rYaOeDsvT/CPjA1dUvKuD2kHyVhZGu5xgo+rYm7HqFBxM6lyOi4DJPfGR+EsI3whUdfAsr/XBB7ECYZz4ar6Zg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Jun 2022 03:02:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656558124253
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 7ms
6ms Script
application/javascript 2600:9000:2240:6c00:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6c00:2:42d9:3100:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: iP4yvjXYuJJQxppY6zf2GK79IrFPfGnO
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
age: 3148
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 30 Jun 2022 02:09:38 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: shpf6rabL4SSYnqgUqjTVKzUw1w4-wdt_fFxr7n0Kt5qgCKjMyCMmA==

GET
H2 200 adsct
t.co/i/ 43 B
337 B 138ms
112ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=226d858d-a238-492c-b7b8-6c68fe9f99d7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=0e67572d-9bc5-478f-a7b7-3d2283028dc2&tw_document_href=https%3A%2F%2Fwww.afr.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1c4v&type=javascript&version=2.4.12

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 105
date: Thu, 30 Jun 2022 03:02:04 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 74ad804ed3d959fbe83700600292c22430ea4109d08ef6ea46890104392ff1b4
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 138ms
111ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=226d858d-a238-492c-b7b8-6c68fe9f99d7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=0e67572d-9bc5-478f-a7b7-3d2283028dc2&tw_document_href=https%3A%2F%2Fwww.afr.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1c4v&type=javascript&version=2.4.12

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 30 Jun 2022 03:02:03 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 7acd35f8d1669baf23781a2fde682549d443217be33f62b9dfa566c2d93b7f02
content-length: 43

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 2F53 2 KB
1 KB 50ms
9ms Document
text/html 108.157.4.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-182799.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-7.dus51.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2575678
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
x-amz-cf-id: mP20-d78InNMUoGy6tAyFD4BIH8BKs6Nk31OlwiCrKigbaFiiUbmcQ==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 1 KB
2 KB 158ms
52ms Script
text/html 52.16.76.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CM%24%3D!!tTm7jgBufxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-gPu8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-Uq6edntK02Wpzw%3D%3D&sc=1&os=1-bQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.afr.com%2F&pcode=fairfaxheader492510264302&rx=666281126398&callback=MoatNadoAllJsonpRequest_90361606
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/fairfaxheader492510264302/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.76.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-76-85.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: d58dd92f0a0c8da1859ee0a893fc2e1dde4da8eaedc647faef8b795a09c0efe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "686e3714274b24dd465e76361b022f59cbd2cbce"
content-length: 1393
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 9FA6 1 KB
2 KB 13ms
13ms Document
text/html 104.90.105.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/fairfaxheader492510264302/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.105.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-105-234.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1433
content-length: 1374
content-type: text/html
date: Thu, 30 Jun 2022 03:02:04 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 107ms
31ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2030%20Jun%202022%2003%3A02%3A04%20GMT&n=0&b=Financial%20Review%20-%20Business%2C%20Finance%20and%20Investment%20News%20%7C%20afr.com&.yp=10167837&f=https%3A%2F%2Fwww.afr.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 03:02:04 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 30 Jun 2022 03:02:04 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/afr.com/ 2 B
60 B 87ms
86ms Fetch
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/afr.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.afr.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
l.ffx.io/ 2 B
417 B 282ms
281ms XHR
text/plain 52.63.117.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.ffx.io/
Requested by: Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.898ce34d3220fe5a0fab.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.63.117.185 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-63-117-185.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 30 Jun 2022 03:02:05 GMT
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length: 2

OPTIONS
H/1.1 204
No Content /
l.ffx.io/ Frame 0
0 1140ms
276ms Preflight 52.63.117.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.ffx.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.63.117.185 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-63-117-185.ap-southeast-2.compute.amazonaws.com
Software: nginx/1.15.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.afr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Date: Thu, 30 Jun 2022 03:02:05 GMT
Server: nginx/1.15.9

GET
H2 200 P70F2B436-31E2-4369-A3CB-294DC350A880.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 25ms
25ms Script
application/javascript 2600:9000:2240:6c00:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P70F2B436-31E2-4369-A3CB-294DC350A880.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6c00:2:42d9:3100:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04d088660e2b8b96f9629f6e2f5327468f136a7fa0507e5768e005ba71278bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: WvZ9WTp_CahohnWK3urZv3IGCaJGSTz2
content-encoding: gzip
etag: W/"56a023d0e23697e58ec4d2be8d665fae"
last-modified: Tue, 28 Jun 2022 15:17:24 GMT
server: AmazonS3
age: 37
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Thu, 30 Jun 2022 03:02:04 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: eizpj5BT_X22pEKr8LCDrdfPa3WGmwljaI82QRV0xHvWHcxQU4vuog==

GET
H3 200 1831268437115893 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 47ms
46ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1831268437115893?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ab3d14e66d9472a75314152d45e8b694b6bf70956bf9304fc8218d22fa6d792

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: zribHOmNoSn2HK0NksiBHLe8C/uUkMJOQLv2F18aAa72cv0w00D1oGde3ar5J+w8oTrPHSyVaCnWeR3pZT/dew==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Jun 2022 03:02:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656558124500
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 32ms
11ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=419599435931961&ev=PageView&dl=https%3A%2F%2Fwww.afr.com%2F&rl=&if=false&ts=1656558124455&cd[brand]=afr&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1656558124452.2032701791&it=1656558124195&coo=false&rqm=GET

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 30 Jun 2022 03:02:04 GMT

GET
H2 200 storageframe.html Show response
secure-gl.imrworldwide.com/ Frame 3917 11 KB
4 KB 186ms
117ms Document
text/html 2600:9000:224a:1400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 03:02:04 GMT
etag: W/"62880196-2b27"
last-modified: Fri, 20 May 2022 21:01:10 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
x-amz-cf-id: 0t0pcFiacQdxQ-7wpyxJexFIbzm-2W-tW6P7IAfviACtpk7TSYGKgA==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront

GET
H3 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame B052 25 KB
8 KB 76ms
76ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=460155&publicationId=afr.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d48802ca946e034919a16f8b902e2581b932ee17d65b2f9707e4234c665d5d5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2y4aye4W6J6wwC2OaLdl5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-2y4aye4W6J6wwC2OaLdl5Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2y4aye4W6J6wwC2OaLdl5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-2y4aye4W6J6wwC2OaLdl5Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Thu, 30 Jun 2022 03:02:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 195 KB
55 KB 12ms
12ms Script
application/javascript 2600:9000:2240:6c00:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P70F2B436-31E2-4369-A3CB-294DC350A880.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6c00:2:42d9:3100:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding: gzip
etag: W/"81a9e2a298d0019660cb2966f0c24748"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
age: 2820
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 30 Jun 2022 02:15:05 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: i3-9QfTLHvlD8xVVICFCYpQ2gHnw-9XjuGODRJ4QOfP9cYpufyZjuw==

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 207D 12 KB
4 KB 7ms
6ms Document
text/html 2600:9000:2240:6c00:2:42d9:3100:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:6c00:2:42d9:3100:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3388
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Thu, 30 Jun 2022 02:05:37 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
x-amz-cf-id: upyPtHpTTyGvqwCkNdpnFQNeNtEhB6uoyKohrL3-IyUVsfZKKjqOzw==
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache: Hit from cloudfront

GET
H3 200 953970877989909 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 50ms
50ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/953970877989909?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a856effe388476c6d95d221197a9290d983e581059885b7142f4228fca2da310

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: J72gPlhsn3X8g0Sf2gmeXrUkUG+iq9tAR8yNoOU0s6CukxnDopSsVTHB8+Uq73fJK1dt+Y6Yf31wGZFVR0Vtjw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Jun 2022 03:02:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656558124583
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1831268437115893&ev=PageView&dl=https%3A%2F%2Fwww.afr.com%2F&rl=&if=false&ts=1656558124535&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221111245219334310%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22AUD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22248737323376397%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22AUD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22238870547858716%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%221061618751009995%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1656558124452.2032701791&it=1656558124195&coo=false&rqm=GET

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 30 Jun 2022 03:02:04 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 37ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.afr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.afr.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
15 KB 1442ms
1441ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3123503251907723&correlator=2483339958414734&eid=31068191%2C44766393&output=ldjh&gdfp_req=1&vrg=2022062202&ptt=17&impl=fifs&iu_parts=21671780509%2Cafr%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%2C970x250%7C728x90%2C320x50%7C6x2%2C320x50%7C6x2&fluid=0%2C0%2Cheight%2Cheight&ifi=1&adks=2264566581%2C1844289921%2C1748880112%2C897796042&sfv=1-0-38&ecs=20220630&fsapi=false&prev_scp=pos%3D1%26src_ad_id%3Dadspot-970x250_728x90-pos1-desktop%7Cpos%3D2%26src_ad_id%3Dadspot-970x250_728x90-pos2-desktop%7Cpos%3D1%26src_ad_id%3Dadspot-N-6x2-pos1-desktop%26nativesz%3D6x2%7Cpos%3D2%26src_ad_id%3Dadspot-N-6x2-pos2-desktop%26nativesz%3D6x2&cust_params=adKitVersion%3D2.1.14%26autoRefresh%3Dfalse%26brms%3Dtrue%26brvs%3Dtrue%26deployEnv%3Dproduction%26layout%3Dblue%26pageviewid%3DA9405237-863B-4D7D-93CC-D51955C7408E%26swgt%3Dna%26sysEnv%3Ddesktop%26ctype%3Dhomepage%26cat%3Dhomepage%26csub%3Dvisitor%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&sc=1&cookie_enabled=1&abxe=1&dt=1656558124564&lmt=1656558124&dlt=1656558123245&idt=976&biw=1600&bih=1200&adxs=315%2C315%2C-12245933%2C-12245933&adys=279%2C1712%2C-12245933%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.afr.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x138%7C1340x147%7C540x0%7C540x0&msz=1600x90%7C1340x90%7C6x0%7C6x0&fws=4%2C4%2C132%2C132&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1106769616.1656558125&ga_sid=1656558125&ga_hid=567220853&ga_fc=false&btvi=0%7C1%7C-1%7C-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

8bed23da34ba45596567d5a1403000102e7f6181d548af60b05d4997b3ad7573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.afr.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
46ff92099532df74a0ec3f50bcb1ad9c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1248 6 KB
4 KB 60ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://46ff92099532df74a0ec3f50bcb1ad9c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 03:02:04 GMT
expires: Fri, 30 Jun 2023 03:02:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 cspreport
news.google.com/_/SubscribewithgoogleClientUi/ Frame B052 0
25 B 29ms
28ms Other
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6OYHonjfXrSW3d7pdEh7mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-6OYHonjfXrSW3d7pdEh7mA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460155&publicationId=afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: script-src 'report-sample' 'nonce-6OYHonjfXrSW3d7pdEh7mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'nonce-6OYHonjfXrSW3d7pdEh7mA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/SubscribewithgoogleClientUi/cspreport, require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
date: Thu, 30 Jun 2022 03:02:04 GMT
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 207D 44 B
703 B 92ms
34ms Image
image/gif 52.214.221.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P70F2B436-31E2-4369-A3CB-294DC350A880&sessionId=js3stgkut98jtqv6pn0id3qj3dygc1656558124&c16=sdkv,bj.6.0.0&uoo=&fp_id=9gm7runotamx0kxv7jwn6h9yh5h2l1656558124&fp_cr_tm=1656558124514&fp_acc_tm=1656558124514&fp_emm_tm=1656558124514&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.221.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-221-189.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 03:02:04 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
js3stgkut98jtqv6pn0id3qj3dygc1656558124.nuid.imrworldwide.com/ Frame 207D 35 B
350 B 47ms
8ms Image
image/gif 2600:9000:223f:f400:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js3stgkut98jtqv6pn0id3qj3dygc1656558124.nuid.imrworldwide.com/
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f400:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 03:10:11 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 85914
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 35
x-amz-cf-id: fI5KGsVbeCVtU8okg4ZSPjNHO1bOrr4RqDZRddCCTHqja0KWWs9eAw==

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame B052 21 KB
21 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460155&publicationId=afr.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 02:54:31 GMT
x-content-type-options: nosniff
age: 453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21972
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 03:44:31 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/am=GQAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5p... Frame B052 167 KB
59 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/am=GQAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5pbtwaa2BsL0CxrbcvS_M5liFQ_w/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460155&publicationId=afr.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5091640ae45c50e6ae0bd44aab47b41b385f9d6df6cf7b2bb53c37cf6311bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 19:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59893
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 23:54:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 19:55:34 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=953970877989909&ev=PageView&dl=https%3A%2F%2Fwww.afr.com%2F&rl=&if=false&ts=1656558124609&cd[user.status]=visitor&cd[brand]=afr&cd[page.type]=homepage&cd[page.renderedPlatform]=WEB&cd[Container%20ID]=GTM-NN4PPKH&cd[page.name]=Financial%20Review%20%20Business%2C%20Finance%20and%20Investment%20News%20%7C%20afr.com&cd[page.author]=(not%20set)&cd[page.fullPageLoad]=true&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656558124452.2032701791&it=1656558124195&coo=false&rqm=GET

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 30 Jun 2022 03:02:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B052 15 KB
16 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=460155&publicationId=afr.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 122123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 17:06:41 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
356 B 425ms
97ms XHR
text/plain 34.202.168.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/13780390039.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.168.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-168-134.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Jun 2022 03:02:04 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.afr.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: d8752962-e2c2-4f92-890d-e5a029a07025

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1... Frame B052 132 KB
44 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1.O/am=GQAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5hjrMytvDqEAAdf65gvDbsNdufuw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,ws9Tlc,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,VWuaCc,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/am=GQAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5pbtwaa2BsL0CxrbcvS_M5liFQ_w/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ade716824e2958ce29c33275050bb8526d1961ea2c5111cc46f293c0c5f7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 19:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45497
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:16:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 19:55:44 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1... Frame B052 18 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1.O/am=GQAQ/d=1/exm=COQbmf,DfBslb,DsXBRb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,ZfAoz,_b,_r,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5hjrMytvDqEAAdf65gvDbsNdufuw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0290af29fe4c6b10c5388580fbae990b8635720e9f0e52426b0ecdfb9a2625b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 20:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7444
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:16:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:06:03 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
751 B 118ms
118ms Image
image/gif 2600:9000:224a:1400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1656558124686&ci=f2&js=1&cg=0&ts=v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CM%24%3D!!tTm7jgBufxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-gPu8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-Uq6edntK02Wpzw%3D%3D&sc=1&os=1-bQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.afr.com%2F&pcode=fairfaxheader492510264302&rx=666281126398&callback=MoatNadoAllJsonpRequest_90361606&vn=6.0.107&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.afr.com%2F&sr=1600x1200&id=lstrg-04698acd155d77229bd9776b5f25f013
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: Per9e8PGGIiusGNhJ--TaHn0dgeTADHVuXz1q6ZQsu4rd66D2ZehVw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1... Frame B052 1 KB
716 B 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.-pixuSGIxag.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Tt86jVDYdzc.L.B1.O/am=GQAQ/d=1/exm=COQbmf,DfBslb,DsXBRb,FCpbqb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,VWuaCc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hhhU8,lPKSwe,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5hjrMytvDqEAAdf65gvDbsNdufuw/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b21c7fcd79763d466de7cf3e82a80aa311223482f5421b2b259a1c636962a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 20:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 690
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:16:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 20:06:04 GMT

POST
H2 200 log Show response
play.google.com/ Frame B052 131 B
672 B 42ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Jun 2022 03:02:04 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame B052 387 B
324 B 46ms
45ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2F_%2Fui%2Fv1%2Fserviceiframe&f.sid=-4727956568261911066&bl=boq_subscribewithgoogleclientserver_20220627.09_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=10925&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1143c20f6e44484279936ecf3bf4a97dd3ff1d878d276c03fc703a631a9d1d44

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame B052 131 B
155 B 17ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Jun 2022 03:02:04 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 30ms
16ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 30 Jun 2022 03:02:04 GMT
expires: Thu, 30 Jun 2022 03:02:04 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B052 131 B
155 B 18ms
17ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Jun 2022 03:02:04 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 29ms
16ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 30 Jun 2022 03:02:04 GMT
expires: Thu, 30 Jun 2022 03:02:04 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B052 131 B
155 B 19ms
18ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Jun 2022 03:02:04 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 28ms
16ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 30 Jun 2022 03:02:04 GMT
expires: Thu, 30 Jun 2022 03:02:04 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B052 131 B
155 B 25ms
24ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Jun 2022 03:02:04 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 28ms
16ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 30 Jun 2022 03:02:04 GMT
expires: Thu, 30 Jun 2022 03:02:04 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B052 131 B
155 B 19ms
17ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Jun 2022 03:02:04 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 23ms
13ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 30 Jun 2022 03:02:04 GMT
expires: Thu, 30 Jun 2022 03:02:04 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame B052 131 B
155 B 19ms
18ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 03:02:04 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Jun 2022 03:02:04 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 25ms
15ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 30 Jun 2022 03:02:04 GMT
expires: Thu, 30 Jun 2022 03:02:04 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
6ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7035
date: Thu, 30 Jun 2022 01:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 03:04:49 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 1686ms
312ms XHR
application/json 54.171.229.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BEB5C8A15492DB600A4C98BC%40AdobeOrg&d_nsid=0&ts=1656558124864

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.229.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-229-53.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2babc503489cf0b30c424b097e97f7ac6a1aa49f13a89cf732150f0c63126e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v035-0d86c6871.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 8i5wsBC8RMY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.afr.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 876
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 collect.js Show response
10510523.collect.igodigital.com/ 8 KB
2 KB 380ms
146ms Script
application/javascript 54.175.67.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://10510523.collect.igodigital.com/collect.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.67.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-67-42.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:05 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 20:50:24 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 p.js Show response
cdn.parsely.com/keys/afr.com/ 72 KB
25 KB 27ms
7ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/afr.com/p.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c99bb554f568a8bfa9c4ebf178407e1fe47e531cd6f1a8f520d3b5c6942deb50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: public
date: Wed, 29 Jun 2022 05:48:10 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 21:02:58 GMT
server: nginx
age: 76434
etag: W/"624b5d02-11f4e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: rQNgf7ou8XMI7mvYn4ZPuEVmExobV6VlVLyoV6oquW8IuEkWUDQYLA==
expires: Thu, 30 Jun 2022 05:48:10 GMT

GET
H3

200

/ Show response
adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=... Frame 636A
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=6633783;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9706568082843.521?
https://ad.doubleclick.net/ddm/activity/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://adservice.google.com/ddm/fls/p/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;n...

42 B
63 B

56ms
41ms

Document
image/gif

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9706568082843.521;~oref=https://www.afr.com/

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 42
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 03:02:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 03:02:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://adservice.google.de/ddm/fls/p/src=6633783;dc_pre=CJXL2PSX1PgCFQRFHgIdfuECJw;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9706568082843.521;~oref=https://www.afr.com/
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hit.gif
au-script.dotmetrics.net/ 43 B
1 KB 746ms
746ms Image
image/gif 13.32.121.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-script.dotmetrics.net/hit.gif?id=12796&url=https%3A%2F%2Fwww.afr.com%2F&dom=www.afr.com&r=1656558124891&pvs=1&pvid=7be99e88-e30d-40e6-9df0-2cc267fc9f53&c=true&tzOffset=0
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.112 , United States, ASN (),
Reverse DNS: server-13-32-121-112.fra60.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:05 GMT
dotmetrics-hit-status: 01 OK
server: Kestrel
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: image/gif
x-amz-cf-id: h1Wb_MUmOLYWa-9zKiynyt3APxDSHNfX379_2andlty_C0d78oG1_g==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=567220853&t=pageview&_s=1&dl=https%3A%2F%2Fwww.afr.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Financial%20Review%20%20Business%2C%20Finance%20and%20Investment%20News%20%7C%20afr.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACEABBAAAAC~&jid=646875605&gjid=179547450&cid=1106769616.1656558125&tid=UA-91053368-8&_gid=1016129349.1656558125&_r=1&gtm=2wg6r0NN4PPKH&cd1=afr&cd2=&cd3=&cd4=(not%20set)&cd5=WEB&cd6=A9405237-863B-4D7D-93CC-D51955C7408E&cd7=homepage&cd12=false&cd14=visitor&cd24=non%20metered&cd27=(not%20set)&cd28=P70F2B436-31E2-4369-A3CB-294DC350A880&cd29=afr.com-brand%20only&cd33=%22d1139692-8982-49dd-9662-09ee2deb5eed%22&cd35=true&cd38=&cd40=desktop&cd42=https%3A%2F%2Fwww.afr.com%2F&cd46=Financial%20Review%20%20Business%2C%20Finance%20and%20Investment%20News%20%7C%20afr.com&cd56=visitor&cd57=false&cd60=&cd61=false&cd62=&cd63=&cd64=&cd65=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&cd66=&z=1885372137

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 03:02:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.afr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-91053368-8&cid=1106769616.1656558125&jid=646875605&gjid=179547450&_gid=1016129349.1656558125&_u=YChACEAABAAAAC~&z=724213774

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Jun 2022 03:02:04 GMT
content-type: text/plain
access-control-allow-origin: https://www.afr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8EE4 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.afr.com
Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.afr.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 03:02:04 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 script.js Show response
au-script.dotmetrics.net/Scripts/ 78 KB
33 KB 743ms
742ms Script
application/javascript 13.32.121.112

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/Scripts/script.js?v=208
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?d=www.afr.com&t=homepage
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.112 , United States, ASN (),
Reverse DNS: server-13-32-121-112.fra60.r.cloudfront.net
Software: Kestrel /
Resource Hash: f6d9a588cbfb6930ee161a69047363aebc80032a4d1de2e17529799f5d34d067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:05 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 10:00:00 GMT
server: Kestrel
x-amz-cf-pop: FRA60-P1
etag: "1d87fd58266693a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-cf-id: Wt3Ilw4CeklVcL0IkvQbsuK3ZxKe21HYDRueUww3yUAW80OPZ698og==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 41ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91053368-8&cid=1106769616.1656558125&jid=646875605&_u=YChACEAABAAAAC~&z=17825345

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 03:02:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 47ms
20ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-91053368-8&cid=1106769616.1656558125&jid=646875605&_u=YChACEAABAAAAC~&z=17825345

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 03:02:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5D43 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.afr.com
Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.afr.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 03:02:05 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 / Show response
adc.nine.com.au/ 89 B
528 B 915ms
299ms Fetch
application/json 13.236.75.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adc.nine.com.au/?

Requested by

Host: adc-js.nine.com.au
URL: https://adc-js.nine.com.au/adc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.236.75.31 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-236-75-31.ap-southeast-2.compute.amazonaws.com

Software

awselb/2.0 /

Resource Hash

b57eae312257ce633dd54d1d539410428448aea47fb0b15207cb841555c6d4c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json
Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:02:05 GMT
server: awselb/2.0
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.afr.com
cache-control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=2592000
content-type: application/json; charset=utf-8
content-length: 89

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8193 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.afr.com
Referer: https://www.afr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.afr.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 03:02:05 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 202 track_page_view
nova.collect.igodigital.com/c2/10510523/ 43 B
683 B 120ms
119ms Image
image/gif 54.175.67.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/10510523/track_page_view?payload=%7B%22title%22%3A%22Financial%20Review%20-%20Business%2C%20Finance%20and%20Investment%20News%20%7C%20afr.com%22%2C%22url%22%3A%22https%3A%2F%2Fwww.afr.com%2F%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%7D%7D

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.67.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-67-42.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-runtime: 0.010724
date: Thu, 30 Jun 2022 03:02:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 6bccd504-108c-45d1-b550-81ae342d10ab

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 133ms
29ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1656558125284&plid=17214660&idsite=afr.com&url=https%3A%2F%2Fwww.afr.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_pageviewID%22%3A%22A9405237-863B-4D7D-93CC-D51955C7408E%22%2C%22member_type%22%3A%22Visitor%22%2C%22user_engagement%22%3A%22single%2Floyal%22%7D&sid=1&surl=https%3A%2F%2Fwww.afr.com%2F&sref=&sts=1656558125277&slts=0&title=Financial+Review+-+Business%2C+Finance+and+Investment+News+%7C+afr.com&date=Thu+Jun+30+2022+03%3A02%3A05+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=65557525&u=pid%3D4c55a47c9aba613463fa36e9284231ab
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 03:02:05 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 30-Jun-2022 03:02:05 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET

/
adc.nine.com.au/ Frame F714
Redirect Chain

https://ib.adnxs.com/getuid?https://adc.nine.com.au?appNexusUid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fadc.nine.com.au%3FappNexusUid%3D%24UID
https://adc.nine.com.au/?appNexusUid=5240102274109068021

0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022205270638000/ 220 KB
61 KB 70ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022205270638000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b5009378f9d9a28cc3eb2149030d692f8c7f8b92a0b49c32eab7f7a71398853

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61467
x-xss-protection: 0
server: sffe
date: Tue, 28 Jun 2022 21:30:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "71f22900d1f73a79"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 21:30:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022205270638000/v0/ 14 KB
5 KB 79ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022205270638000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5195
x-xss-protection: 0
server: sffe
date: Tue, 28 Jun 2022 21:30:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4bef18b80ae165d1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 21:30:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022205270638000/v0/ 94 KB
28 KB 80ms
17ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022205270638000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28898
x-xss-protection: 0
server: sffe
date: Tue, 28 Jun 2022 21:30:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7ca71f15d9979237"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 21:30:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022205270638000/v0/ 5 KB
2 KB 83ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022205270638000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 481214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 24 Jun 2022 13:21:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "67a7e3dd539afea9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 24 Jun 2023 13:21:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022205270638000/v0/ 40 KB
13 KB 84ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022205270638000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 481214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12940
x-xss-protection: 0
server: sffe
date: Fri, 24 Jun 2022 13:21:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8dbbd2e5c9e4f2da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 24 Jun 2023 13:21:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062202.js?cb=31068191

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:44:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Jun 2022 03:02:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jun 2022 03:02:06 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
3 KB 32ms
8ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 62428
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 30 Jun 2022 09:41:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
757 B 31ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 61741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 30 Jun 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 37ms
18ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfFD1JkcOwWcvMVClnBRdwhicHsA2GscTNN6IuW-iJpU5EG0bKfI0v0JBwFnu6BZwSDvSp
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 53ms
52ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAc-8LBK9YpChJpSW-gau2IzIA5OT8vBq6Na4uugP_ZbFrZYOEAEgvdu5YGCV8p2CrAegAbDWgZkoyAEJqQID7woOX4WxPuACAKgDAcgDCqoE4QFP0H4RY1ZpEivwwAPZWJEhEByhE5P-G0JoG2nqI27pu9W8U5G7NJBA4GNs6vyOldAB-V6Snw37TQ-ftT7fvTmDiiMo0zWbYtYEjHQcmlK0DZC3rV3v9RChJLoRBoVCVvtdLM9GA44DQLS1L2kHq-ojWJ1FHQqkVGzOxBFg4J09yndLqMGMbgHM1nyKDdIAWeDTtiFSXDxomo0BqclCwuTuuMj2dZss95wGyZxLoBhTecfNdxJYZOeoswqpQpnwO1jn5KwA4qLw_9FmNaZEDB7umSgWAyvfH1v_iRwo2hG3mufABPPNt8LuA-AEAZIFBAgEGAGSBQQIBRgEoAYugAewjtL4AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKvlTtIIEgiI4YBwEAEYHTID64IBOgKAQIAKA8gLAbgTiCfYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItODAyNzY1NTkxNzM0OTQxMBithWs&sigh=5aki7jetUfA&uach_m=[UACH]&template_id=5000
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 35ms
17ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSV-Vb4PSH1N_Z1MUwZ3BIlpCf58TsB8ctNYUvZ0tV9HAM475AZT5gREBdS6EgKnzJpQMb
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 56ms
53ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_x_aLBK9YpGhJpSW-gau2IzIA5OT8vBq6Na4uugP_ZbFrZYOEAEgvdu5YGCV8p2CrAegAbDWgZkoyAEJqQID7woOX4WxPuACAKgDAcgDCqoE5AFP0KHP8PomVfa9z695adWeaDmDE-36qyE3zpD-FSDeCq9_hPSjhgFquWtRhGZ8u7_FmLuWyf753dLDmfDTUsGHn8HBsEaEnll--vIosZhx017SqY8xCHrXVyqtzRIYpiCYA8TX4jVI2Q53PslN_4eFIoDHX_bQM-xzbhYeOF7SGnSJRG19Syav83TpKSSDQ7tl8153372hVAu4S3kDnLzxCawC_WSuOlS0PCN-mQTHOJZFYxO38oCJXgRXZ8OvnncrFc_URPQ0YraTmmbUK09RcxC3DUAWn-AiSMVYmtkcm_o5ZgnABPPNt8LuA-AEAZIFBAgEGAGSBQQIBRgEoAYugAewjtL4AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENbeQ9IIEgiI4YBwEAEYHTID64IBOgKAQIAKA8gLAbgTiCfYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItODAyNzY1NTkxNzM0OTQxMBithWs&sigh=IWSlyOHgBsY&uach_m=[UACH]&template_id=5000
Requested by: Host: www.afr.com
URL: https://www.afr.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/24060625993900960/ 29 KB
29 KB 30ms
9ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/24060625993900960/downsize_200k_v1?w=600&h=314

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c33538673cc2870f7ae9cac9a32bf7bd5875f8e531016dabbdf890f083d95ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:13:02 GMT
x-content-type-options: nosniff
age: 413344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29478
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 12:12:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Jun 2023 08:13:02 GMT

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b878344eefd7922851c433eed16506a112c7ba6478e3b2f8b678c53183556e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ 28 KB
28 KB 25ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.afr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 23112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 20:36:54 GMT

GET SiteEvent.dotmetrics
au-script.dotmetrics.net/ 0
0

GET
H2 200 id Show response
fairfaxau.sc.omtrdc.net/ 2 B
314 B 423ms
144ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fairfaxau.sc.omtrdc.net/id?d_visid_ver=1.8.0&d_fieldgroup=A&mcorgid=BEB5C8A15492DB600A4C98BC%40AdobeOrg&mid=28295902398231692132619480156903843639&ts=1656558126568

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 30 Jun 2022 03:02:06 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-69c8d8cc76-wmlt6
vary: Origin
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.afr.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK event Show response
nd.demdex.net/ 2 KB
1 KB 507ms
115ms XHR
application/json 34.250.172.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.demdex.net/event?_ts=1656558124876

Requested by

Host: www.afr.com
URL: https://www.afr.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.172.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-172-3.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bac93b0d5aa0078309c862c321a45c7edbcc14b6388a1c10d5f88bac3a70a104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.afr.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v035-0d50c730e.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: Tq+XYUU/S7w=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.afr.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 672
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
497 B 64ms
43ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvegkfcbTqqca9vRWjDcfWJU-xn66DTQgqffIDqwuOuPw936rS9QpcV-7vtFB8KlWQGubK--7z-GNLReG9GktxlzHi-gYYvsKkRMHN1htTwq5rJ-e-3bW3Q7P4BLA3wBasp5U77L5z7m3L_5Q&sai=AMfl-YSnGt1QdiRcRQ2ep4REkqPPrl_4f4kiYyUCnkUagNjtAZcLcy9VEUy-O-XS4IJhH6-0YfExewZbCWeMY6Z8O6PIMQzh-1p03Ge4K7RVZPnst8pGwmdc_P0qOUMd3TYs&sig=Cg0ArKJSzBN61KMBWdOzEAE&cid=CAASUORoOpAHgu9WCfqueOD1glUmD-CducmO20UnDYPTZm3SJrsGU6Lr1Hu3nem70B9uW6lNmfN-qq-BlI7OF7hNKtrofu68Zf3aVA1Lo9dKiBQQ&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=3566&tls=4566&g=100&h=100&tt=4566&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 03:02:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
596 B 31ms
31ms Image
image/gif 52.214.221.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_b25_afr.com-brand%20only_S&asn=afr.com-brand%20only&fp_id=9gm7runotamx0kxv7jwn6h9yh5h2l1656558124&fp_cr_tm=1656558124514&fp_acc_tm=1656558124514&fp_emm_tm=1656558124514&ve_id=&sessionId=js3stgkut98jtqv6pn0id3qj3dygc1656558124&prv=1&c6=vc,b25&ca=NA&c13=asid,P70F2B436-31E2-4369-A3CB-294DC350A880&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,afr&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,8bl0sqlggf66s3k3csowalwt6rvzy1656558124&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16565581245112765&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=undefined%20homepage&c3=st,c&c64=starttm,1656558126&adid=undefined%20homepage&c58=isLive,false&c59=sesid,&c61=createtm,1656558126&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.afr.com%2F&c66=mediaurl,&sdd=&c62=sendTime,1656558126&rnd=251390
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.221.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-221-189.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.afr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 03:02:07 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adc.nine.com.au
URL: https://adc.nine.com.au/?appNexusUid=5240102274109068021

Domain: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTI3OTYsImZsIjp0cnVlLCJkb20iOiJ3d3cuYWZyLmNvbSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuYWZyLmNvbS8iLCJydXJsIjoiIiwicHZpZCI6IjdiZTk5ZTg4LWUzMGQtNDBlNi05ZGYwLTJjYzI2N2ZjOWY1MyIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1656558126103

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.afr.com/	1970-01-20 04:09:19	Name: _sp_ses.0af9 Value: *
.afr.com/	1970-01-20 21:40:30	Name: _sp_id.0af9 Value: deaf2340-02a0-407d-9f11-64ec49ee4702.1656558124.1.1656558124.1656558124.3a5c24fc-34ea-486c-81ad-1780819e20ca
.afr.com/	1970-01-20 08:28:30	Name: optimizelyEndUserId Value: oeu1656558123608r0.6413283766794358
www.afr.com/	1969-12-31 23:59:59	Name: _bsMode Value: true
.linkedin.com/	1970-01-20 04:52:30	Name: UserMatchHistory Value: AQKiJOFDjlKDpQAAAYGyjvzxj1Osd8HknhdltxASYf0s2CXZZ8VyucF7FEqr8XJqnO91_nQQt42i7g
.linkedin.com/	1970-01-20 04:52:30	Name: AnalyticsSyncHistory Value: AQLZoTxBHNom5gAAAYGyjvzxMh70tai7n7zkmSXnMh4Bwe-Hq6qY247C71sko3Swu7twAGNhjzclhNHhVqVgEg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:41:11	Name: bcookie Value: "v=2&0cddc24a-910e-4d32-8fde-3dbd9d588f2e"
.linkedin.com/	1970-01-20 04:10:44	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2741:u=1:x=1:i=1656558124:t=1656644524:v=2:sig=AQFN0YC9LAcbehTtUfI2rIWmwDKShqh6"
.afr.com/	1970-01-20 04:09:21	Name: _t_tests Value: eyJtUHZobGo3WGZKR1hTIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyIzMkZUMyIsIlJrSThhIl19LCJNTkt1dDZZSjBQa3k0Ijp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEUkZWdUMiLCJEWmIzS3QiXX0sImxpZnRfZXhwIjoibSJ9
.t.co/	1970-01-20 21:40:30	Name: muc_ads Value: 34f15169-b166-4c83-968c-3caeba3d4272
.twitter.com/	1970-01-20 21:40:30	Name: personalization_id Value: "v1_jepfqt6pHakQAidKy8ZJew=="
.google.com/	1970-01-20 08:32:49	Name: NID Value: 511=UyP2zRcFzMWc-vHb-isbk_X8jcIvQpftnS6fPB_kfxd06gU_RJkBbi-_5sPZcStcgAktJvARJjziSTbJqZG6dvwEXfzYcOB6jKj9OOR3rcjZw3UqTZzN9opYztnq3BhI-LNBJG_M0S4L2AClLa7yF-OAf8WXr8UnfYKo2tt7UuE
.yahoo.com/	1970-01-20 12:55:15	Name: A3 Value: d=AQABBCwSvWICEPRE8PdDMxrWGdGH_ppxWGEFEgEBAQFjvmLGYgAAAAAA_eMAAA&S=AQAAAkclE-kz53eHojDr73W_chs
.afr.com/	1970-01-20 06:18:54	Name: _fbp Value: fb.1.1656558124452.2032701791
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:41:11	Name: bscookie Value: "v=1&20220630030204f43a4b7f-d0b6-40d3-898d-3c9f4bff89d1AQG7vUPGPOIUMEs1Z-6bQS-EsxlHkAyJ"
.linkedin.com/	1970-01-20 21:38:42	Name: li_gc Value: MTswOzE2NTY1NTgxMjQ7MjswMjFRo4kwZMbiZFWz89w+RosrCQpF9bXVyVIstpQJ9LQCbw==
.afr.com/	1970-01-20 12:54:54	Name: _hjSessionUser_182799 Value: eyJpZCI6Ijg4ZTBlMjIwLTAzMWUtNTllYy1iNmNkLTQ0MzI0NzU0MWIwNCIsImNyZWF0ZWQiOjE2NTY1NTgxMjQ0MDUsImV4aXN0aW5nIjpmYWxzZX0=
.afr.com/	1970-01-20 04:09:19	Name: _hjFirstSeen Value: 1
www.afr.com/	1970-01-20 04:09:18	Name: _hjIncludedInSessionSample Value: 1
.afr.com/	1970-01-20 04:09:19	Name: _hjSession_182799 Value: eyJpZCI6ImYwZTNlODNjLTM1NWMtNDE3My1hODc5LWM3NGFjODA3NTZkMyIsImNyZWF0ZWQiOjE2NTY1NTgxMjQ0NjgsImluU2FtcGxlIjp0cnVlfQ==
.afr.com/	1970-01-20 04:09:19	Name: _hjAbsoluteSessionInProgress Value: 0
.facebook.com/	1970-01-20 06:18:54	Name: fr Value: 0k7PW6IZDCnJ9Sv9C..BivRIs...1.0.BivRIs.
.afr.com/	1970-01-20 08:28:30	Name: nol_fpid Value: 9gm7runotamx0kxv7jwn6h9yh5h2l1656558124\|1656558124514\|1656558124514\|1656558124514
.imrworldwide.com/	1970-01-20 13:30:54	Name: IMRID Value: 05360bc1-f821-11ec-a96c-01c0b5b10a1d
www.afr.com/	1970-01-20 04:10:44	Name: ffx:audienceSegment Value: single/loyal
.afr.com/	1970-01-20 21:40:30	Name: _ga Value: GA1.2.1106769616.1656558125
.afr.com/	1970-01-20 04:10:44	Name: _gid Value: GA1.2.1016129349.1656558125
.afr.com/	1970-01-20 04:09:18	Name: _gat_ffxTracker Value: 1
.afr.com/	1970-01-20 04:09:19	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.afr.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1656558125277%2C%22slts%22:0}
.afr.com/	1970-01-20 13:38:42	Name: _parsely_visitor Value: {%22id%22:%22pid=4c55a47c9aba613463fa36e9284231ab%22%2C%22session_count%22:1%2C%22last_session_ts%22:1656558125277}
.igodigital.com/	1970-01-23 19:49:37	Name: igodigitaltc2 Value: 059ade1a-f821-11ec-983b-f6e33bd6f82c
.igodigital.com/	1970-01-20 04:09:21	Name: igodigitalst_10510523 Value: 059ae55e-f821-11ec-983b-f6e33bd6f82c
.igodigital.com/	1970-01-20 04:09:21	Name: igodigitalstdomain Value: 6484
.dotmetrics.net/	1970-01-20 12:54:54	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 12:54:54	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=b107f4c2-3e96-4395-89bb-7740958a003f&Created=06/30/2022 03:02:05&UserMode=0&guid=6ac8d58f-feb5-4fea-a3c8-4a40828bf08d&ver=1
au-script.dotmetrics.net/	1970-01-20 04:19:22	Name: AWSALBCORS Value: ilRdZeSW5HgsTisxs0V5a51OjMEqwlaA4Ph2Lj6k8oNQ4mNarppdwu/2PCosw+smNub09XVfzwGNg6p5tlNbjzEKcje3QWfBU72adHIoaCPN08hI0lWQagqHynWd
.nine.com.au/	1970-01-20 12:54:54	Name: NUID Value: 1673c440d3b0477cac71725b8a7f8c6e
.afr.com/	1970-01-20 12:54:54	Name: NUID Value: 1673c440d3b0477cac71725b8a7f8c6e
.adnxs.com/	1970-01-20 06:18:54	Name: uuid2 Value: 5240102274109068021
.afr.com/	1970-01-20 13:30:54	Name: __gads Value: ID=ef7ecdd0b5f341f2-22f56903c3cd00e5:T=1656558124:S=ALNI_MbwSfulY1YKQob-0XTT8AE3CbhGRA
www.afr.com/	1969-12-31 23:59:59	Name: DM_SitId1503 Value: true
www.afr.com/	1969-12-31 23:59:59	Name: DM_SitId1503SecId12796 Value: true
www.afr.com/	1970-01-20 04:09:19	Name: DM_SitIdT1503 Value: true
www.afr.com/	1970-01-20 04:09:19	Name: DM_SitId1503SecIdT12796 Value: true
.doubleclick.net/	1970-01-20 13:30:54	Name: IDE Value: AHWqTUkcvKShXzBpDBgxuGLl5460oYOPOiE1Y_5SxyvoUFU1VsYdv72Lt6CdxIIcQ-Y
.demdex.net/	1970-01-20 08:28:30	Name: demdex Value: 28167587450215002922596845398968101390
.afr.com/	1969-12-31 23:59:59	Name: AMCVS_BEB5C8A15492DB600A4C98BC%40AdobeOrg Value: 1
.afr.com/	1970-01-20 12:54:54	Name: AMCV_BEB5C8A15492DB600A4C98BC%40AdobeOrg Value: -1176276602%7CMCIDTS%7C19174%7CMCMID%7C28295902398231692132619480156903843639%7CMCAAMLH-1657162926%7C6%7CMCAAMB-1657162926%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1656565326s%7CNONE%7CMCAID%7CNONE
.afr.com/	1970-01-20 04:52:30	Name: aam_uuid Value: 28324040964635982702616664513758384948

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	URL: https://au-script.dotmetrics.net/Scripts/script.js?v=208(Line 110) Message: Refused to load the script 'https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTI3OTYsImZsIjp0cnVlLCJkb20iOiJ3d3cuYWZyLmNvbSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuYWZyLmNvbS8iLCJydXJsIjoiIiwicHZpZCI6IjdiZTk5ZTg4LWUzMGQtNDBlNi05ZGYwLTJjYzI2N2ZjOWY1MyIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1656558126103' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://au-script.dotmetrics.net/Scripts/script.js?v=208(Line 110) Message: Refused to load the script 'https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTI3OTYsImZsIjp0cnVlLCJkb20iOiJ3d3cuYWZyLmNvbSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuYWZyLmNvbS8iLCJydXJsIjoiIiwicHZpZCI6IjdiZTk5ZTg4LWUzMGQtNDBlNi05ZGYwLTJjYzI2N2ZjOWY1MyIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1656558126103' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
other	warning	URL: https://cdn.ampproject.org/rtv/022205270638000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	Message: Refused to frame 'https://fairfaxau.demdex.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	Message: Refused to frame 'https://fairfaxau.demdex.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').
security	error	(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fairfaxau.demdex.net') does not match the recipient window's origin ('null').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10510523.collect.igodigital.com
46ff92099532df74a0ec3f50bcb1ad9c.safeframe.googlesyndication.com
a304207300.cdn.optimizely.com
ad.doubleclick.net
adc-js.nine.com.au
adc.nine.com.au
adservice.google.com
adservice.google.de
analytics.twitter.com
api.afr.com
apis.google.com
au-script.dotmetrics.net
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.optimizely.com
cdn.parsely.com
connect.facebook.net
d2uhnetoehh304.cloudfront.net
dpm.demdex.net
fairfaxau.sc.omtrdc.net
fonts.googleapis.com
fonts.gstatic.com
frg.myaccount.afr.com
i.ffx.io
js3stgkut98jtqv6pn0id3qj3dygc1656558124.nuid.imrworldwide.com
l.ffx.io
logx.optimizely.com
mab.chartbeat.com
mb.moatads.com
nd.demdex.net
news.google.com
nova.collect.igodigital.com
p1.parsely.com
pagead2.googlesyndication.com
play.google.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.yimg.com
script.hotjar.com
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
sjs.bizographics.com
snap.licdn.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.chartbeat.com
static.ffx.io
static.hotjar.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
vars.hotjar.com
www.afr.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
z.moatads.com
adc.nine.com.au
au-script.dotmetrics.net
104.244.42.131
104.244.42.197
104.90.105.234
108.157.4.7
13.107.42.14
13.236.75.31
13.32.121.112
142.250.184.198
142.250.185.194
15.188.95.229
18.66.100.58
18.66.97.10
199.232.188.157
2001:4860:4802:38::178
212.82.100.181
23.206.209.10
2600:9000:2070:7000:18:1fcd:351:7bc1
2600:9000:214f:a00:10:2964:9d00:21
2600:9000:223f:f400:1d:667e:2a40:93a1
2600:9000:2240:6c00:2:42d9:3100:93a1
2600:9000:224a:1400:1e:a43d:b640:93a1
2600:9000:238d:ec00:7:3896:c640:93a1
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9b
2a02:26f0:3500:88e::13b8
2a02:26f0:ef::5c7b:c24a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::645
2a04:4e42::714
3.104.230.68
34.202.168.134
34.250.172.3
52.16.76.85
52.17.99.225
52.214.221.189
52.222.236.122
52.63.117.185
54.171.229.53
54.175.67.42
99.83.186.106
0290af29fe4c6b10c5388580fbae990b8635720e9f0e52426b0ecdfb9a2625b3
04d088660e2b8b96f9629f6e2f5327468f136a7fa0507e5768e005ba71278bc2
07a7e43a30c29cd24df54879f4fc788b60a76962f3b3c5623717c19762240225
0b9818982e699dcb8e9028532aeec80c810621d6020ddb48a36d0edb8051fb06
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1143c20f6e44484279936ecf3bf4a97dd3ff1d878d276c03fc703a631a9d1d44
117b6e78ac1db5701b7f7b07a6bf8e5997b27a2e8c96b0b927e3eb9c6c244b90
14985928b15bd12c655b3c4e2aa400bec14add042eef99423cf5f1b37631d54c
14e4b088db7fbce1fc7c9e34f33ce0766a0359a92f87b73df2b4b72d24a6a769
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2babc503489cf0b30c424b097e97f7ac6a1aa49f13a89cf732150f0c63126e28
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2f1b3c20947609880fa669248919d46ad2b26b995cd8f7e2f3d764dff3e47bdb
313e62763404ea9042891393159d0dc7162b42895951b40050bb61f2885d6a00
338140f080782dd9fc999b9c240cde15f599e7ffd10b3fd3d9085717d38ad8d3
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3748f6644234cbcd21add06e083e8759591ef08a9e73d5cdd5f0b4c8acf5aeac
38814c5240d913c5270db8b8c3eae9f192489b2d2752b63c30562c4287f70015
3b21c7fcd79763d466de7cf3e82a80aa311223482f5421b2b259a1c636962a67
3b5009378f9d9a28cc3eb2149030d692f8c7f8b92a0b49c32eab7f7a71398853
3d7416be1bc5914a26e73381ee8059e412f382f8e42bddfeebe630ed70193731
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40806ed18b8706290e21f5696fc2a7e09acdddc32bc1012d2793338898616e1b
432109c2f65cd665c817208a3a605803e56d3c96ef99f331585ecc0358a72568
43e22721ce191cab06c0f7269431a9eac8a32579d764c2e005852d3502c459fc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4590f1130c542f6520dd37fa7095416cb8a3873c6b24c496e0df1eb7b5257580
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
46fbe503b3f207f3da5c95a0d9fb494dc93d6c57c1e89fc885a2169c731fb6d5
494c5b686e9df0b93e2921c46438fdc1d805b3b565626eb3b5607660b4a1d00b
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a
5cd43db47fc8e6f2622adeeaf4a96db72992e066e284b533dcd44596508fc4c8
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
63793d0dda6a57cfdf005435a1cbda2052aa34df8fbc277806d2449a5e69908c
6a2d16956f3add5b1dd93e812dccb2f6685d5dbb1d5b1210dad04e6d30aea5a4
6a7b65ce161c419f9e21562f35e8625ee6126e92cca53436c843e3987aad70f1
6ab3d14e66d9472a75314152d45e8b694b6bf70956bf9304fc8218d22fa6d792
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
714892f1fc598fef48b0331e7af69cdac69bfb2cec684d199b8650da4a278c75
76616fe274686bb90918bb33f99a42ae9bc289f764ae269a36d2910811632856
76a8d9ee2ab95151ad66a1a171b98906ffb973ba502c1620525f873ef3cc2b13
78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82cfaf805346f8ba3bb53cb39ca9b53926aac73c04359c380683b12340c73100
847e5c887342fa55588f7ffb3ecec3914c4069f45cf17be89ea6109724ac0cea
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85039a60c5db441663f6de6c9f9c06d1a1ce7c1b91a40527ae84241522bc429c
85b23ef2b5d148948a0e393c8af051177f818b7fb18cda003998916666caabee
874cf4e22d967cd0b7fb05e18beb2159f79c74b237db9c57be665b2968d8dbbe
8b56cf3ff69da24ee4d01b00d8bbad12a602a1f083e47c6646b02b639fd633fd
8b72c10e7cef9d58e030a96817fa2c3e896fa60311541d575d7d27c3c1b693bd
8b878344eefd7922851c433eed16506a112c7ba6478e3b2f8b678c53183556e6
8bed23da34ba45596567d5a1403000102e7f6181d548af60b05d4997b3ad7573
934d4d6010b2bfc6795c8212555ff307c8e883a8fa5f974f601773d4f17e156f
9514be057ce4d6848b93ee3e442d32afda1cc60f72e7e2e26eedce562eab0047
953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337
97244fdc464b19592f897622016af89b6d6923ee004b9d225d12010a09224578
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a32f10766daad6da04be2c21bf0571471b67b3df8c87e7ac226cb2aa7300a47a
a3451e3e88e41410af3fa902aa6cb51d3b496ac00f169c40381bd0251869b8a6
a3c78596628f7e53c40bbfd0e9eed225181c4c2933a6e051e8fa46c30b221d1f
a44fb6a26732b7892f2802aee69fb0413ecd26b508b5c79720a48c485f4889ee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a856effe388476c6d95d221197a9290d983e581059885b7142f4228fca2da310
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ab5bd2c29eea2f5100bce1ea4308f3342105b8e0052bf998c0c3d657353f2003
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0
b57eae312257ce633dd54d1d539410428448aea47fb0b15207cb841555c6d4c3
b9ca7bac26e6b77390b0dae8846126d9d715b684c83a52b0465f8f840bef69c9
bac93b0d5aa0078309c862c321a45c7edbcc14b6388a1c10d5f88bac3a70a104
bc43fb6d91065d5349483970505710ab4194f96a0e91a2e6fb1bccb8bb6ea8d0
bcf86c48df6f76b921cce4d3b354c52312027494dbac002cf58ff39ca8593ff5
bd196e6c2034264bec25428ea96afd83aad8f94444106cd974bf3ec77cde2358
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c33538673cc2870f7ae9cac9a32bf7bd5875f8e531016dabbdf890f083d95ac8
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c7ade716824e2958ce29c33275050bb8526d1961ea2c5111cc46f293c0c5f7b2
c99bb554f568a8bfa9c4ebf178407e1fe47e531cd6f1a8f520d3b5c6942deb50
cde37ef271eb61e2946bbfc9099260079e65f2822d66946f20049af50be89364
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d48802ca946e034919a16f8b902e2581b932ee17d65b2f9707e4234c665d5d5b
d58dd92f0a0c8da1859ee0a893fc2e1dde4da8eaedc647faef8b795a09c0efe7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8feb725824de14c0eab4ff5990ad89ec208b9b396a77b63e581984773901b4e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd3c0f6289b88d42a1f6dce497e64189cda9de2b4bb8dfa43f1dd30a79b5c0d9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20
e35796493f977523161a6a88ad31128de3d1268aa0d0c55b202c50f5e95f043b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5091640ae45c50e6ae0bd44aab47b41b385f9d6df6cf7b2bb53c37cf6311bf6
e87ae526a0d5a8a2294f250cdc18b19166be66c0da0f8ea645d6b72d71189912
ea85962c6546b1811ad00ad17674ee28a369bfb07be765e4071157b76f620ce1
ec59d3afb521f71c9cede663ee7a22971bb15c27cf2ed404fc300031c0f3e479
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6d9a588cbfb6930ee161a69047363aebc80032a4d1de2e17529799f5d34d067
f738222292bf22b87ade409e38650b2e630aceee1b701b0aaa6739cba10d484a
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fa84adaa52138db2f2ca946b1e3ce31105a39a9a1f1b5fb25ad456241c2d0e73
faaa574700f878dd7ceb8d8ef9bea5d5e060ba574ae90fe593f8099fe8f205b3

www.afr.com Open in urlscan Pro 2a04:4e42:600::645 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

97 %HTTPS

54 %IPv6

33 Domains

63 Subdomains

54 IPs

8 Countries

2602 kBTransfer

7999 kBSize

51 Cookies

6 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.afr.com Open in urlscan Pro
2a04:4e42:600::645 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

97 %
HTTPS

54 %
IPv6

33
Domains

63
Subdomains

54
IPs

8
Countries

2602 kB
Transfer

7999 kB
Size

51
Cookies

150 HTTP transactions
6 data transactions