www.dailymercury.com.au Open in urlscan Pro
13.238.204.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Effective URL:
https://www.dailymercury.com.au/subscriptions/premium-offer/
Submission: On September 14 via api (September 14th 2020, 7:10:22 am UTC) from GB

Summary HTTP 110 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 29 domains to perform 110 HTTP transactions. The main IP is 13.238.204.116, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is www.dailymercury.com.au.
TLS certificate: Issued by Amazon on January 29th 2020. Valid for: a year.

This is the only time www.dailymercury.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	13.238.204.116 13.238.204.116	16509 (AMAZON-02) (AMAZON-02)
48	99.86.2.59 99.86.2.59	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
3	104.111.215.136 104.111.215.136	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.72.197.28 54.72.197.28	16509 (AMAZON-02) (AMAZON-02)
1	52.217.0.5 52.217.0.5	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.208.128 143.204.208.128	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.2.36 99.86.2.36	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
6	2.21.37.24 2.21.37.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.194.171.8 54.194.171.8	16509 (AMAZON-02) (AMAZON-02)
1 3	15.188.154.177 15.188.154.177	16509 (AMAZON-02) (AMAZON-02)
2 4	2600:9000:214... 2600:9000:214f:a00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:214... 2600:9000:214f:5200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.2.32 99.86.2.32	16509 (AMAZON-02) (AMAZON-02)
1	15.236.175.233 15.236.175.233	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.248.119.134 34.248.119.134	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
1 2	52.48.137.92 52.48.137.92	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:4600:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	54.172.203.45 54.172.203.45	14618 (AMAZON-AES) (AMAZON-AES)
1	34.255.114.251 34.255.114.251	16509 (AMAZON-02) (AMAZON-02)
110	34

4 13.238.204.116 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-238-204-116.ap-southeast-2.compute.amazonaws.com

www.dailymercury.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 99.86.2.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-59.fra6.r.cloudfront.net

media.apnarm.net.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::729 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.136 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-136.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.197.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-197-28.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.0.5 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-128.fra53.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-36.fra6.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.21.37.24 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-24.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.171.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-171-8.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.188.154.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

apnonline.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newscorpau.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:a00:1e:a43d:b640:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:5200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seccdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-32.fra6.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.175.233 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-175-233.eu-west-3.compute.amazonaws.com

survey.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.119.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-119-134.eu-west-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.137.92 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4600:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.203.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-203-45.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.114.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	apnarm.net.au media.apnarm.net.au	2 MB
11	imrworldwide.com 2 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com seccdn-gl.imrworldwide.com secure-dcr.imrworldwide.com	70 KB
6	news.com.au tags.news.com.au	12 KB
6	googleapis.com fonts.googleapis.com	6 KB
5	gstatic.com fonts.gstatic.com	55 KB
4	crwdcntrl.net 1 redirects ad.crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net	15 KB
4	dailymercury.com.au 1 redirects www.dailymercury.com.au	73 KB
3	2o7.net 1 redirects apnonline.112.2o7.net survey.112.2o7.net	1 KB
3	demdex.net dpm.demdex.net newscorpau.demdex.net	3 KB
3	tiqcdn.com tags.tiqcdn.com	33 KB
2	facebook.com www.facebook.com	515 B
2	google-analytics.com www.google-analytics.com	18 KB
2	facebook.net connect.facebook.net	166 KB
2	ravenjs.com cdn.ravenjs.com	19 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	omtrdc.net newscorpau.sc.omtrdc.net	324 B
1	newscgp.com au.tags.newscgp.com	40 KB
1	google.de www.google.de	106 B
1	google.com www.google.com	106 B
1	doubleclick.net stats.g.doubleclick.net	93 B
1	crazyegg.com script.crazyegg.com	1 KB
1	cloudfront.net dnn506yrbagrg.cloudfront.net	822 B
1	amazonaws.com s3.amazonaws.com	3 KB
1	cloudflare.com cdnjs.cloudflare.com	26 KB
1	jquery.com code.jquery.com	32 KB
1	rubiconproject.com ads.rubiconproject.com	26 KB
1	googlesyndication.com pagead2.googlesyndication.com	45 KB
110	29

	Domain	Requested by
48	media.apnarm.net.au	www.dailymercury.com.au
6	tags.news.com.au	tags.tiqcdn.com www.dailymercury.com.au au.tags.newscgp.com
6	fonts.googleapis.com	www.dailymercury.com.au
5	cdn-gl.imrworldwide.com	www.dailymercury.com.au seccdn-gl.imrworldwide.com secure-gl.imrworldwide.com cdn-gl.imrworldwide.com
5	fonts.gstatic.com	fonts.googleapis.com
4	secure-gl.imrworldwide.com	2 redirects secure-gl.imrworldwide.com www.dailymercury.com.au
4	www.dailymercury.com.au	1 redirects media.apnarm.net.au www.dailymercury.com.au
3	tags.tiqcdn.com	www.dailymercury.com.au tags.tiqcdn.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	www.facebook.com	www.dailymercury.com.au
2	apnonline.112.2o7.net	1 redirects www.dailymercury.com.au
2	dpm.demdex.net	www.dailymercury.com.au
2	www.google-analytics.com	media.apnarm.net.au www.dailymercury.com.au
2	connect.facebook.net	www.dailymercury.com.au connect.facebook.net
2	cdn.ravenjs.com	www.dailymercury.com.au
1	secure-dcr.imrworldwide.com
1	ping.chartbeat.net
1	static.chartbeat.com	www.dailymercury.com.au
1	cm.everesttech.net	1 redirects
1	newscorpau.sc.omtrdc.net	www.dailymercury.com.au
1	newscorpau.demdex.net	tags.tiqcdn.com
1	seccdn-gl.imrworldwide.com	tags.news.com.au
1	survey.112.2o7.net	www.dailymercury.com.au
1	au.tags.newscgp.com	tags.tiqcdn.com
1	www.google.de	www.dailymercury.com.au
1	www.google.com	www.dailymercury.com.au
1	stats.g.doubleclick.net	www.dailymercury.com.au
1	script.crazyegg.com	dnn506yrbagrg.cloudfront.net
1	tags.crwdcntrl.net	media.apnarm.net.au
1	dnn506yrbagrg.cloudfront.net	www.dailymercury.com.au
1	s3.amazonaws.com	www.dailymercury.com.au
1	ad.crwdcntrl.net	www.dailymercury.com.au
1	cdnjs.cloudflare.com	www.dailymercury.com.au
1	code.jquery.com	www.dailymercury.com.au
1	ads.rubiconproject.com	www.dailymercury.com.au
1	pagead2.googlesyndication.com	www.dailymercury.com.au
110	36

This site contains links to these domains. Also see Links.

Domain
couriermail.com.au
plusrewards.com.au

Subject Issuer	Validity	Valid
media.apnarm.net.au Amazon	`2020-01-29` - `2021-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-20` - `2020-12-18`	7 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
news.com.au GeoTrust RSA CA 2018	`2020-07-16` - `2021-03-04`	8 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.112.2o7.net DigiCert SHA2 High Assurance Server CA	`2019-04-23` - `2021-04-27`	2 years	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
au.tags.newscgp.com Amazon	`2020-02-08` - `2021-03-08`	a year	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.dailymercury.com.au/subscriptions/premium-offer/
Frame ID: CA732F226EA37AF7623B33580FF04416
Requests: 106 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 4AC2AE5C722D0C55A159C698A19E423D
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 3818C3DE55BF24C3C6D61E5E2A40A894
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=5318/rand=235790171/pv=y/tp=APNA/genp=is_loggedin%3Dfalse/genp=is_account%3Dfalse/int=%23OpR%2351730%23APN%20AU%20%3A%20PageData%20%3A%20Site%20Mode%20%3A%20desktop/int=%23OpR%2351731%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions/int=%23OpR%2351732%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions%20%3A%20Subsector%20%3A%20premium-offer/int=%23OpR%2351735%23APN%20AU%20%3A%20PageData%20%3A%20Page%20Type%20%3A%20index/ug=%23OpR%2351736%23APN%20AU%20%3A%20PageData%20%3A%20Category%20%3A%20subscriptions/rt=ifr
Frame ID: 79781661D7DB01D3C43E26658E8AD341
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: F86D53A9273A06F5E69DC10675388743
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/ Page URL
https://www.dailymercury.com.au/subscriptions/premium/?original_referrer= HTTP 302
https://www.dailymercury.com.au/subscriptions/premium-offer/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

110
Requests

100 %
HTTPS

49 %
IPv6

29
Domains

36
Subdomains

34
IPs

8
Countries

3092 kB
Transfer

5090 kB
Size

20
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://couriermail.com.au/subscriptionterms
Title: couriermail.com.au/subscriptionterms

Search URL Search Domain Scan URL

URL: http://plusrewards.com.au/couriermail/offers
Title: plusrewards.com.au

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/ Page URL
https://www.dailymercury.com.au/subscriptions/premium/?original_referrer= HTTP 302
https://www.dailymercury.com.au/subscriptions/premium-offer/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://apnonline.112.2o7.net/b/ss/apnarmtotal/1/H.24.2/s44141289004769?AQB=1&ndh=1&t=14%2F8%2F2020%209%3A10%3A6%201%20-120&ce=UTF-8&ns=apnonline&cdp=3&pageName=mdm%3Asubscriptions%3Apremium-offer&g=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&r=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&cc=AUD&ch=subscriptions&c1=checkout&c3=mdm&c4=monday&c5=17%3A00&v5=breach&v7=self-service&c19=Entire%20Site&c36=desktop&c37=anonymous&h1=mdm%3Asubscriptions%3Apremium-offer&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://apnonline.112.2o7.net/b/ss/apnarmtotal/1/H.24.2/s44141289004769?AQB=1&pccr=true&vidn=2FAF8BA70515C6D8-400008377287ADCA&ndh=1&t=14%2F8%2F2020%209%3A10%3A6%201%20-120&ce=UTF-8&ns=apnonline&cdp=3&pageName=mdm%3Asubscriptions%3Apremium-offer&g=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&r=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&cc=AUD&ch=subscriptions&c1=checkout&c3=mdm&c4=monday&c5=17%3A00&v5=breach&v7=self-service&c19=Entire%20Site&c36=desktop&c37=anonymous&h1=mdm%3Asubscriptions%3Apremium-offer&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Request Chain 86

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 97

https://cm.everesttech.net/cm/dd?d_uuid=53388363741361126350707823102239349795 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X18XTgAABgqihVL0

Request Chain 99

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1600067406528&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&rp=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&sr=1600x1200&id=lstrg-cdc703e0308de3475159e8187d71b0a3&tz=2 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1600067406528&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&rp=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&sr=1600x1200&id=lstrg-cdc703e0308de3475159e8187d71b0a3&tz=2&ja=1

Request Chain 100

https://bcp.crwdcntrl.net/5/c=5318/rand=235790171/pv=y/tp=APNA/genp=is_loggedin%3Dfalse/genp=is_account%3Dfalse/int=%23OpR%2351730%23APN%20AU%20%3A%20PageData%20%3A%20Site%20Mode%20%3A%20desktop/int=%23OpR%2351731%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions/int=%23OpR%2351732%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions%20%3A%20Subsector%20%3A%20premium-offer/int=%23OpR%2351735%23APN%20AU%20%3A%20PageData%20%3A%20Page%20Type%20%3A%20index/ug=%23OpR%2351736%23APN%20AU%20%3A%20PageData%20%3A%20Category%20%3A%20subscriptions/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=5318/rand=235790171/pv=y/tp=APNA/genp=is_loggedin%3Dfalse/genp=is_account%3Dfalse/int=%23OpR%2351730%23APN%20AU%20%3A%20PageData%20%3A%20Site%20Mode%20%3A%20desktop/int=%23OpR%2351731%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions/int=%23OpR%2351732%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions%20%3A%20Subsector%20%3A%20premium-offer/int=%23OpR%2351735%23APN%20AU%20%3A%20PageData%20%3A%20Page%20Type%20%3A%20index/ug=%23OpR%2351736%23APN%20AU%20%3A%20PageData%20%3A%20Category%20%3A%20subscriptions/rt=ifr

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/ 204 KB
53 KB 3369ms
2770ms Document
text/html 13.238.204.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.238.204.116 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-238-204-116.ap-southeast-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.dailymercury.com.au
:scheme: https
:path: /news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 14 Sep 2020 07:10:03 GMT
content-type: text/html; charset=utf-8
server: nginx/1.12.1
vary: Accept-Encoding
expires: Mon, 14 Sep 2020 07:15:03 GMT
last-modified: Mon, 14 Sep 2020 07:10:03 GMT
etag: W/"ce15e080282cb9d49b84c2647c8c21ee"
cache-control: max-age=300
x-premium-content: true
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge,chrome=1
content-encoding: gzip
x-varnish: 9857993
age: 0
via: 1.1 varnish (Varnish/5.2)
x-subscribed: False
x-device: desktop
x-cache: MISS
x-forwarded-proto: https
access-control-allow-origin: http://www.dailymercury.com.au

GET
H2 200 thirdparty.min.css
media.apnarm.net.au/static/247.11/rnn/base/css/ 16 KB
3 KB 77ms
24ms Stylesheet
text/css 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/css/thirdparty.min.css
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f707930b44cd9ee3f1e58385a64c832ce607af750165cb9c0f1405ae20e24bf5

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 09:40:00 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:08 GMT
server: nginx/1.12.1
age: 77404
etag: W/"5f5ae400-416e"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: _xL36bRnR9QtpEr6Ttl7KK2IE2f0_VuBzbz-45MUlcV85RQD7t6LrQ==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 bootstrap.min.css
media.apnarm.net.au/static/247.11/rnn/desktop/css/ 66 KB
13 KB 91ms
39ms Stylesheet
text/css 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/desktop/css/bootstrap.min.css
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b47bb9420bfdb0f26d036403d005c2df6fc815c22a3e9257955922ee1bbb3c73

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:46:08 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 16:43:43 GMT
server: nginx/1.12.1
age: 267836
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 9euZFU0Xp1MLCVQOCUNAddeeWuvn3UVjQFFs3XiZ6x1l9wtMrbUu6g==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
expires: Sun, 11 Oct 2020 04:46:08 GMT

GET
H2 200 rnn.min.css
media.apnarm.net.au/static/247.11/rnn/desktop/css/ 434 KB
67 KB 77ms
24ms Stylesheet
text/css 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/desktop/css/rnn.min.css
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9dc4670360c62762a71cdc8d46d50f232e84446ee6884f6fe428ff221b6abc50

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 09:40:00 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:08 GMT
server: nginx/1.12.1
age: 77404
etag: "5f5ae400-6c736"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: uh7WXAZ43h19A9gR093VCiAu1WTeo1m0nGOoi2xeRJH6fKtv_EyZFA==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 lightbox.min.css
media.apnarm.net.au/static/247.11/bower_components/lightbox/lightbox2/css/ 2 KB
1 KB 77ms
25ms Stylesheet
text/css 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/bower_components/lightbox/lightbox2/css/lightbox.min.css
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b41c65a254473fdb8cb0414a564fa193ffde90e9573a2c4b2afc9ee56d964797

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 06:00:34 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:08 GMT
server: nginx/1.12.1
age: 4170
etag: W/"5f5ae400-9e4"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: FqTpQg_vagVR4BkLowKSkIjhBhAwP5yQYiQs-nXPubPCuv0KHvEIJw==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 20ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fadd00a353fc61295aad4003da3c86afd22677a6149ec5db23c2aea8a3c0b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 07:10:04 GMT
server: ESF
date: Mon, 14 Sep 2020 07:10:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 07:10:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 19ms
14ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf8bfb094d2d7b62816916693816a8a956853a538271778850e501fcefcd771f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 06:53:17 GMT
server: ESF
date: Mon, 14 Sep 2020 07:10:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 07:10:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
811 B 27ms
22ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans+Condensed:700

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1faf57464a2450e7ce373a9101c5b15fbb3ec5070c4536db2adb0510108ebbca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 06:59:54 GMT
server: ESF
date: Mon, 14 Sep 2020 07:10:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 07:10:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
913 B 28ms
23ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800,700,300

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 07:10:04 GMT
server: ESF
date: Mon, 14 Sep 2020 07:10:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 07:10:04 GMT

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.17.0/ 25 KB
10 KB 24ms
5ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:04 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 16:58:06 GMT
server: Fastly
age: 23083
etag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9634

GET
H2 200 modernizr-custom.min.js Show response
media.apnarm.net.au/static/247.11/rnn/base/js/ 12 KB
6 KB 77ms
26ms Script
text/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modernizr-custom.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f4efb4a64fd8d6ba86925c2b108dedba518129c2fe208e80c0cd0dfc8fcc2334

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:46:07 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 16:43:39 GMT
server: nginx/1.12.1
age: 267836
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: YKzd7gFOdaTLRepN9fNUIBX9NkgBgiaJTelToYAIto4TRAvgtDvGFA==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
expires: Sun, 11 Oct 2020 04:46:07 GMT

GET
H2 200 js.cookie.min.js Show response
media.apnarm.net.au/static/247.11/bower_components/js-cookie/ 2 KB
1 KB 83ms
33ms Script
text/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/bower_components/js-cookie/js.cookie.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: ad8b271778f27c5478343098b1a019b1b031f0dadec14dd83ab626f26008c094

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:46:07 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 16:42:33 GMT
server: nginx/1.12.1
age: 267836
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: oYGvhIAqJjAftQKlThgL3Y-eYuVt1ZId1f5_ogGY9P6wljEL_psOag==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
expires: Sun, 11 Oct 2020 04:46:07 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/nrm/prod/ 109 B
344 B 72ms
26ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/nrm/prod/utag.sync.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d2f5ee87a7a5ee5d9fbe5e000fccafb59e5448521c8e420ca3a53f1c16188e9e

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:04 GMT
content-encoding: gzip
last-modified: Fri, 04 Sep 2020 06:35:26 GMT
server: AkamaiNetStorage
etag: "74d9a965d7fa0ad530ded7ba796b7a8d:1599201326.432929"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 118
expires: Mon, 14 Sep 2020 07:15:04 GMT

GET
H2 200 pr.min.js Show response
media.apnarm.net.au/static/247.11/rnn/base/js/modules/ 1 KB
1 KB 75ms
25ms Script
text/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modules/pr.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 58d4f40d660f29ad998f9ed2f94d4b5fc95c28b50893eeb58bfde1ced0de4667

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:46:07 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 16:43:40 GMT
server: nginx/1.12.1
age: 267836
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Xtwkca0XYNCpYXg2lKoW0ceyacWuPa5shI4jo4n0wKxK3u1gA_fd4A==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
expires: Sun, 11 Oct 2020 04:46:07 GMT

GET
H2 200 mackay_dailymercury-dptvjjs9of3yyg1zsp2_t210.png
media.apnarm.net.au/site/logo/ 9 KB
10 KB 23ms
23ms Image
image/png 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/site/logo/mackay_dailymercury-dptvjjs9of3yyg1zsp2_t210.png
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: e9a93e48069beefe5b36a4c9d4f0369e564d33b3c83dbf900353a7da313fad5f

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 17 Aug 2020 21:38:52 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Mon, 17 Aug 2020 21:38:52 GMT
server: nginx/1.12.1
age: 2367071
etag
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 9651
x-amz-cf-id: daUy6pqJqzKjkKfyqaVDpCVNLS6r00eoKMs8OFzCwL1SM5JND638_A==
expires: Wed, 16 Sep 2020 21:38:52 GMT

GET
H2 200 news_plus.svg
media.apnarm.net.au/static/247.11/rnn/base/img/ 436 B
776 B 22ms
22ms Image
image/svg+xml 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/img/news_plus.svg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 04:53:35 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Fri, 11 Sep 2020 02:42:07 GMT
server: nginx/1.12.1
age: 8424
etag: "5f5ae3ff-1b4"
status: 200
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 436
x-amz-cf-id: KmFnLtv0G3m3fs6Z0LyCPugpogITtLdVY6Y85qMI5lSLddPM6AsjbQ==

GET
H2 200 v3imagesbin4da8086c3aa66c2e3240944d9f50dfe0-g6b5rmnf28mzqknk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 160 KB
161 KB 50ms
49ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin4da8086c3aa66c2e3240944d9f50dfe0-g6b5rmnf28mzqknk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:57:50 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:57:50 GMT
server: nginx/1.12.1
age: 40334
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 163973
x-amz-cf-id: iXlYsGFiIc687nmSX5nnNSlmTI9bR5O3Rj9YKY6vbPtSppnBv_0_0Q==
expires: Tue, 13 Oct 2020 19:57:50 GMT

GET
H2 200 v3imagesbinb6c8d14fe3a1fb9ead06e93da6f60adf-dr8q0zrh40xryknk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 124 KB
124 KB 26ms
25ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbinb6c8d14fe3a1fb9ead06e93da6f60adf-dr8q0zrh40xryknk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:57:18 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:57:18 GMT
server: nginx/1.12.1
age: 40366
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 126720
x-amz-cf-id: 2qQsZucL7PD-Q7EXDXArpryM-kUgSK1ZYxIaKR-rtPnQroAVRPJGWA==
expires: Tue, 13 Oct 2020 19:57:18 GMT

GET
H2 200 v3imagesbin3b64a23c8b6a43259d73fdf4e92d6c37-mpkoot2n9yn8ilnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 67 KB
68 KB 25ms
24ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin3b64a23c8b6a43259d73fdf4e92d6c37-mpkoot2n9yn8ilnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:58:04 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:58:04 GMT
server: nginx/1.12.1
age: 40320
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 68921
x-amz-cf-id: luLSzZHWnmz5nvrUjhHImSqAia80IyVDQoAQygfRXgbtFiFNGsK6Rg==
expires: Tue, 13 Oct 2020 19:58:04 GMT

GET
H2 200 v3imagesbinedfaced959f7a81d664cd736d681d03e-bgdfhuftfakl5mnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 112 KB
112 KB 25ms
25ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbinedfaced959f7a81d664cd736d681d03e-bgdfhuftfakl5mnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:58:00 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:58:00 GMT
server: nginx/1.12.1
age: 40323
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 114526
x-amz-cf-id: gGplQoJblVfvivITi_jxJIoBzQrgwQVoSjU-TgXgkvOvDY68MRTLIg==
expires: Tue, 13 Oct 2020 19:58:00 GMT

GET
H2 200 v3imagesbine13a38a1f5c64b1a407c8821c818e8e1-otrsvcmwig0ahmnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 97 KB
98 KB 25ms
25ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbine13a38a1f5c64b1a407c8821c818e8e1-otrsvcmwig0ahmnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 20:00:19 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 20:00:19 GMT
server: nginx/1.12.1
age: 40185
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 99827
x-amz-cf-id: osXdnV42uJLGTzQRP7b1JskA5eFzV6MtSmDpVEUvgFRnfLGcbyjvTw==
expires: Tue, 13 Oct 2020 20:00:19 GMT

GET
H2 200 v3imagesbin58b9065a34538fd1ea570a66373edece-1766avszlmgysmnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 85 KB
85 KB 26ms
26ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin58b9065a34538fd1ea570a66373edece-1766avszlmgysmnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:59:52 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:59:52 GMT
server: nginx/1.12.1
age: 40212
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 86732
x-amz-cf-id: oSzoLd9POqTTyEL42YSnpO23ma_glK1ZsLLCcf8JdaiSbS_KrHZFng==
expires: Tue, 13 Oct 2020 19:59:52 GMT

GET
H2 200 v3imagesbineacd7c1b7094f312e3e96e0f89db8637-ekkjodz2pswm4nnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 114 KB
114 KB 25ms
25ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbineacd7c1b7094f312e3e96e0f89db8637-ekkjodz2pswm4nnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 20:00:15 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 20:00:15 GMT
server: nginx/1.12.1
age: 40189
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 116449
x-amz-cf-id: moOvzLjQYpTN3nx1UCu9ukeHYByE4cW2nfuwB8JMZkNrP_Ie64rdpg==
expires: Tue, 13 Oct 2020 20:00:15 GMT

GET
H2 200 v3imagesbin166318f7c71f903ed7b5b2507198e0cc-7qfp7287tci7knnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 122 KB
123 KB 26ms
26ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin166318f7c71f903ed7b5b2507198e0cc-7qfp7287tci7knnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 20:00:19 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 20:00:19 GMT
server: nginx/1.12.1
age: 40185
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 125394
x-amz-cf-id: jG0vlb_DWbHlFKmof3YOAtJKCT9exk5fssXQXfzJMUH8yN4gxE4sXw==
expires: Tue, 13 Oct 2020 20:00:19 GMT

GET
H2 200 v3imagesbindad8f5d96b7307d5df7f3453316c5dd3-wg8g03ldzoek7onk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 90 KB
90 KB 26ms
25ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbindad8f5d96b7307d5df7f3453316c5dd3-wg8g03ldzoek7onk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:59:22 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:59:22 GMT
server: nginx/1.12.1
age: 40242
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 91907
x-amz-cf-id: 54UUakaYWNnwJaZSGqSkDnRWcXOioxDRyTb0ZI1vC0ADkSuu22_z7g==
expires: Tue, 13 Oct 2020 19:59:22 GMT

GET
H2 200 v3imagesbin7672f5c3aaa2674765b8980290a86de0-pm3mjrth3905nonk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 128 KB
128 KB 24ms
24ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin7672f5c3aaa2674765b8980290a86de0-pm3mjrth3905nonk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:58:12 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:58:12 GMT
server: nginx/1.12.1
age: 40311
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 130648
x-amz-cf-id: 23wbpxuJakmPR7xHEOVL-eD68hCWlj0Rn4MJz9u0fJAGLoTMaN9uPQ==
expires: Tue, 13 Oct 2020 19:58:12 GMT

GET
H2 200 v3imagesbin96a5fa5113a53ade54faffa21cd90d30-20izx90l6fgtyonk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 155 KB
155 KB 25ms
25ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin96a5fa5113a53ade54faffa21cd90d30-20izx90l6fgtyonk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:57:55 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:57:55 GMT
server: nginx/1.12.1
age: 40329
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 158324
x-amz-cf-id: ub5M3uBXKdt-ZLy4_PmbXayePWlJpqp43euPsl4P-1V1YLGKQbeuYQ==
expires: Tue, 13 Oct 2020 19:57:55 GMT

GET
H2 200 v3imagesbin6d575d22b729f71cc3553d5a930c71c6-zkfk7m4n87rl6pnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 128 KB
129 KB 25ms
24ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin6d575d22b729f71cc3553d5a930c71c6-zkfk7m4n87rl6pnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:58:07 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:58:07 GMT
server: nginx/1.12.1
age: 40317
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 131570
x-amz-cf-id: 6u-huIMIAxxeTHy7ll6k_d7d9EIUywTtmnCohlBalMTe_QqSfHCJ2g==
expires: Tue, 13 Oct 2020 19:58:07 GMT

GET
H2 200 v3imagesbine07f19434388289050ee173d068b4b26-8jrivgfsd5i2qpnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 85 KB
85 KB 24ms
24ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbine07f19434388289050ee173d068b4b26-8jrivgfsd5i2qpnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 20:00:34 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 20:00:34 GMT
server: nginx/1.12.1
age: 40170
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 86743
x-amz-cf-id: 3xn7Aa6wuMl2o2FkHSMRcZzcbofFY1FT3UmHj2oGK_2Iowr6J00IjQ==
expires: Tue, 13 Oct 2020 20:00:34 GMT

GET
H2 200 v3imagesbin9ee19e599ac9b75df27bb0f2686dd16f-lw5w9zlvgbyq1qnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 66 KB
67 KB 36ms
35ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin9ee19e599ac9b75df27bb0f2686dd16f-lw5w9zlvgbyq1qnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 20:00:32 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 20:00:32 GMT
server: nginx/1.12.1
age: 40172
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 67947
x-amz-cf-id: qGe4G8PPqMkhOke1P_bGMzCbIU5y8n5zuQ0OebkR_-1s3f0CeNKePg==
expires: Tue, 13 Oct 2020 20:00:32 GMT

GET
H2 200 v3imagesbin99208d71bde91727c24c7eea6a190050-e212tnuzkvjbhqnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 188 KB
189 KB 27ms
27ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin99208d71bde91727c24c7eea6a190050-e212tnuzkvjbhqnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 20:00:29 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 20:00:29 GMT
server: nginx/1.12.1
age: 40175
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 192889
x-amz-cf-id: WVdUUr6swX_GqVi9gWEpI0UC6Er5OhUdgff6VwFEW3MZQ_cA1BWecg==
expires: Tue, 13 Oct 2020 20:00:29 GMT

GET
H2 200 v3imagesbin3b7275e81bfc72caaf0a20696259f379-78w7cc34pf5wwqnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 67 KB
67 KB 25ms
25ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin3b7275e81bfc72caaf0a20696259f379-78w7cc34pf5wwqnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:58:11 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:58:11 GMT
server: nginx/1.12.1
age: 40313
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 68406
x-amz-cf-id: Uygaq1HGpPqxsVcMHM24tO2nEXdBxQpksy9flW1I7r-l4spq82FAwQ==
expires: Tue, 13 Oct 2020 19:58:11 GMT

GET
H2 200 v3imagesbin348977dfc57e1dc8a508a4e1468018e0-0erdv0c8tzqgcrnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 117 KB
117 KB 37ms
37ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin348977dfc57e1dc8a508a4e1468018e0-0erdv0c8tzqgcrnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:57:58 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:57:58 GMT
server: nginx/1.12.1
age: 40326
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 119770
x-amz-cf-id: woVyW5a3bHkMHdishNmlc1VFOWzysMpziM1_KZVfZYNEarSP2izWmg==
expires: Tue, 13 Oct 2020 19:57:58 GMT

GET
H2 200 v3imagesbin9263503100dcedb8f2001185f75212fe-tjmjepkcxjc1srnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 93 KB
93 KB 26ms
26ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin9263503100dcedb8f2001185f75212fe-tjmjepkcxjc1srnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:57:52 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:57:52 GMT
server: nginx/1.12.1
age: 40332
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 95259
x-amz-cf-id: s7Bu77H9gMthtWTZHSQqOIXBB47tPm05VzM-i-fNali0uEyH_DVyiQ==
expires: Tue, 13 Oct 2020 19:57:52 GMT

GET
H2 200 v3imagesbinb0a62b57bba477a60adedcd17bac1e27-y2w2cwzj4aeajsnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 134 KB
134 KB 26ms
26ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbinb0a62b57bba477a60adedcd17bac1e27-y2w2cwzj4aeajsnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 20:00:27 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 20:00:27 GMT
server: nginx/1.12.1
age: 40176
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 136824
x-amz-cf-id: YQDTyuu9YVthP3G6gbTYUJABr09DhfinkzK-zW4-9U1E2Vtbfo5POw==
expires: Tue, 13 Oct 2020 20:00:27 GMT

GET
H2 200 v3imagesbin3c8231d828799f60c54fc730736728ca-r8r8vk8o8uzuysnk0v2_t1880.jpg
media.apnarm.net.au/media/images/2020/09/14/ 107 KB
108 KB 33ms
33ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin3c8231d828799f60c54fc730736728ca-r8r8vk8o8uzuysnk0v2_t1880.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 19:58:02 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 19:58:02 GMT
server: nginx/1.12.1
age: 40322
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 109597
x-amz-cf-id: kOQv0GXwsXG1f8fYcJElS1ii-gfdP9fDUbG1OEKSVAjoA283Mr4bTg==
expires: Tue, 13 Oct 2020 19:58:02 GMT

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45965
x-xss-protection: 0
server: cafe
etag: 15926848246370085333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Sep 2020 07:10:04 GMT

GET
H2 200 v3imagesbin2c813bb5904cbadaab2cea07a3bb7b70-sxve1rsvfgjnj0sn0v2_ct677x380.jpg
media.apnarm.net.au/media/images/2020/09/14/ 12 KB
13 KB 23ms
23ms Image
image/jpeg 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/media/images/2020/09/14/v3imagesbin2c813bb5904cbadaab2cea07a3bb7b70-sxve1rsvfgjnj0sn0v2_ct677x380.jpg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:03:43 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Mon, 14 Sep 2020 07:03:43 GMT
server: nginx/1.12.1
age: 381
etag
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 12582
x-amz-cf-id: cZBtRXJoD3ukecduJGjPqEVbqZApaX9oIqVp1Is8JbzDoRbW_69wvA==
expires: Wed, 14 Oct 2020 07:03:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailymercury.com.au
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 590764
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 07 Sep 2021 11:04:00 GMT

GET
H/1.1 200
OK 11686.js
ads.rubiconproject.com/header/ 81 KB
26 KB 79ms
34ms Script
application/javascript 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/header/11686.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 07:10:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 03:28:07 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 25728
Expires: Mon, 14 Sep 2020 07:10:04 GMT

GET
H2

200

Primary Request / Show response
www.dailymercury.com.au/subscriptions/premium-offer/
Redirect Chain

https://www.dailymercury.com.au/subscriptions/premium/?original_referrer=
https://www.dailymercury.com.au/subscriptions/premium-offer/

50 KB
20 KB

299ms
298ms

Document
text/html

13.238.204.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymercury.com.au/subscriptions/premium-offer/

Requested by

Host: media.apnarm.net.au
URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modules/pr.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.238.204.116 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-238-204-116.ap-southeast-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

bb3110203407bab467aa5b23701d0fb64c3893406a8cd5dc7944acb700e58ed5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.dailymercury.com.au
:scheme: https
:path: /subscriptions/premium-offer/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: premium_subscription_redirect=true; breach_original_referer=; breach_url=https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/

Response headers

status: 200
date: Mon, 14 Sep 2020 07:10:05 GMT
content-type: text/html; charset=utf-8
content-length: 19498
server: nginx/1.12.1
vary: Accept-Encoding
expires: Mon, 14 Sep 2020 07:12:50 GMT
last-modified: Mon, 14 Sep 2020 07:07:50 GMT
etag: W/"e83cf14f50c730d2fa007768b2d66e56"
cache-control: max-age=300
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge,chrome=1
content-encoding: gzip
x-varnish: 36648941 23280016
age: 134
via: 1.1 varnish (Varnish/5.2)
x-subscribed: False
x-device: desktop
x-cache: HIT
x-forwarded-proto: https
access-control-allow-origin: http://www.dailymercury.com.au

Redirect headers

status: 302
date: Mon, 14 Sep 2020 07:10:04 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.12.1
etag: "d41d8cd98f00b204e9800998ecf8427e"
location: /subscriptions/premium-offer/
x-ua-compatible: IE=edge,chrome=1
x-varnish: 553832752
age: 0
via: 1.1 varnish (Varnish/5.2)
x-subscribed: False
x-device: desktop
x-cache: MISS
x-forwarded-proto: https
access-control-allow-origin: http://www.dailymercury.com.au

GET
H3-Q050 200 css
fonts.googleapis.com/ 12 KB
1 KB 37ms
22ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1e84d9fcc76d16198e1a0437d161a3b34c606cac4e088d7e3d7e68061ed2618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 06:08:57 GMT
server: ESF
date: Mon, 14 Sep 2020 07:10:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 07:10:05 GMT

GET
H2 200 shopfront.css
media.apnarm.net.au/static/247.11/shopfront/dist/css/ 34 KB
7 KB 24ms
23ms Stylesheet
text/css 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/shopfront/dist/css/shopfront.css
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 00aa8074afa67c16a80e075fd456d58831dcd62a202d6c3180a0cbbfd0220b97

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 06:28:31 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:09 GMT
server: nginx/1.12.1
age: 2494
etag: "5f5ae401-8941"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -Rb4U-2v4roD7fpfMbB3uXlvcHxDqlPBJbXmgHxvMJoEIGMrKDhVPQ==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H3-Q050 200 icon
fonts.googleapis.com/ 574 B
391 B 44ms
29ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 07:10:05 GMT
server: ESF
date: Mon, 14 Sep 2020 07:10:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 07:10:05 GMT

GET
H2 200 jquery-1.10.0.min.js Show response
code.jquery.com/ 91 KB
32 KB 25ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.0.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dbe2f39d679680bec02757226881b9ac53fb18a7a6cf397e2bbe6d4724c1c8e1

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:05 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
status: 200
etag: W/"54499a47-16b62"
vary: Accept-Encoding
x-hw: 1600067405.dop155.fr8.t,1600067405.cds291.fr8.hc,1600067405.cds251.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32810

GET
H2 200 polyfill.min.js Show response
cdnjs.cloudflare.com/ajax/libs/babel-polyfill/7.0.0/ 90 KB
26 KB 13ms
12ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/babel-polyfill/7.0.0/polyfill.min.js

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28bb785e4a47e05ddee451c7b10324f623ce85e9f64b883f2e9bb89da9edb4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:05 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 439260
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26635
cf-request-id: 052d0c1e0000003260d785c200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:03 GMT
server: cloudflare
etag: "5eb03d6b-16666"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d2849433a653260-FRA
expires: Sat, 04 Sep 2021 07:10:05 GMT

GET
H2 200 polyfills.min.js Show response
media.apnarm.net.au/static/247.11/shopfront/dist/js/ 11 KB
4 KB 23ms
22ms Script
text/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/shopfront/dist/js/polyfills.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: fe7cc5c9c5fd6fe8dbcf81ddee97b1a438f0a2d94bf3ef6f659bd146f059fb1d

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:47:47 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 16:44:29 GMT
server: nginx/1.12.1
age: 267738
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -qugcXg-ZSu310wFpqLjW2tdFchuhmqNQBicU8OUsmLrCFXJ20o5qA==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
expires: Sun, 11 Oct 2020 04:47:47 GMT

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.17.0/ 25 KB
9 KB 7ms
6ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:05 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2017 16:58:06 GMT
server: Fastly
age: 23084
etag: "51d6eff0ea5151f41fa0e2f3310fc7c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9634

GET
H2 200 loading-icon.svg
media.apnarm.net.au/static/247.11/shopfront/images/ 687 B
1 KB 28ms
25ms Image
image/svg+xml 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/static/247.11/shopfront/images/loading-icon.svg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 490ad08176337d879e63ef33d506a16e87ea3417ac370852d2ba85ac9dac5e36

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:47:49 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
age: 267736
x-cache: Hit from cloudfront
status: 200
x-uwsgi: true
content-length: 687
last-modified: Thu, 10 Sep 2020 16:44:30 GMT
server: nginx/1.12.1
etag
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: zyb27oLUWPQnFRIcJ-5I9y4c7Z1aDjNmOJ2j_KKM5Mh1Qs7uz-SmPg==
expires: Sun, 11 Oct 2020 04:47:49 GMT

GET
H2 200 dm1024-r35i72m16ee122g97r2.png
media.apnarm.net.au/site/single_line_logo/ 2 KB
3 KB 37ms
35ms Image
image/png 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/site/single_line_logo/dm1024-r35i72m16ee122g97r2.png
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: aa0ab33001d05278fc59aa70b568a102b37239b22bb79978be28f5e1a58f4c2a

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 06 Sep 2020 15:24:16 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Sun, 28 Oct 2018 17:50:29 GMT
server: nginx/1.12.1
age: 661549
etag
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 2393
x-amz-cf-id: C5WYVcR_BQHPDsWOsfnuytbgK-MGdgQN82gqOMBv7yizzOdI-aT6eA==
expires: Tue, 06 Oct 2020 15:24:16 GMT

GET
H2 200 digital-n2ngkabzog709qo6nu2_t240x85.png
media.apnarm.net.au/shopfront/images/ 6 KB
6 KB 37ms
34ms Image
image/png 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/shopfront/images/digital-n2ngkabzog709qo6nu2_t240x85.png
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97672a6caf03c4dc08398a350a34a3269b983b34641fd888aa51e1a9d230c2c8

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 20:28:04 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Fri, 04 Sep 2020 20:28:04 GMT
server: nginx/1.12.1
age: 816120
etag
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
content-length: 6249
x-amz-cf-id: gbNk8idpMkhnYiajPrcx-EeIg48-jg1FJmWP63Gt6iyhFrozTyvHwA==
expires: Sun, 04 Oct 2020 20:28:04 GMT

GET
H2 200 tick.svg
media.apnarm.net.au/static/247.11/shopfront/images/ 271 B
651 B 37ms
34ms Image
image/svg+xml 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/static/247.11/shopfront/images/tick.svg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0a15ca7eae5bb1b9bc165cf2bab8189dfb1645a4d4506e47c866167bbcc05b91

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:47:49 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
age: 267736
x-cache: Hit from cloudfront
status: 200
x-uwsgi: true
content-length: 271
last-modified: Thu, 10 Sep 2020 16:44:30 GMT
server: nginx/1.12.1
etag
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: KcWKkVY2NITDKjY92dzDJW8cjJl0HiF4GDPGzaL4gQwaYpmTsOrPYw==
expires: Sun, 11 Oct 2020 04:47:49 GMT

GET
H2 200 main.min.js Show response
media.apnarm.net.au/static/247.11/shopfront/dist/js/ 9 KB
3 KB 22ms
22ms Script
text/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/shopfront/dist/js/main.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b0e20b17466bf727c8495ea4c61d6687c9c10d0c1a72575828eed63063a32f6c

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:47:48 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 16:44:29 GMT
server: nginx/1.12.1
age: 267737
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: efi945QRL0BaC-pLGW0iMas6ICCLwPdp9wnG9O1QgzjBQnITvzbjYA==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
expires: Sun, 11 Oct 2020 04:47:48 GMT

GET
H2 200 close.svg
media.apnarm.net.au/static/247.11/rnn/base/img/ 344 B
723 B 37ms
35ms Image
image/svg+xml 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/img/close.svg
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: e656b2f8e340c025170aeb0634509df42d81b72da56d2de02bc50332dffd9412

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:47:48 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
age: 267736
x-cache: Hit from cloudfront
status: 200
x-uwsgi: true
content-length: 344
last-modified: Thu, 10 Sep 2020 16:43:26 GMT
server: nginx/1.12.1
etag
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: jtTckPSTAhFn6RulytVcf2mCH6-Ss5SgqvMHonPuyFRaj_XPr1-PJQ==
expires: Sun, 11 Oct 2020 04:47:48 GMT

GET
H2 200 js.cookie.min.js Show response
media.apnarm.net.au/static/247.11/bower_components/js-cookie/ 2 KB
1 KB 23ms
23ms Script
text/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/bower_components/js-cookie/js.cookie.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: ad8b271778f27c5478343098b1a019b1b031f0dadec14dd83ab626f26008c094

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:46:07 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 16:42:33 GMT
server: nginx/1.12.1
age: 267837
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: p7ktfETRjuidGCeFTyAFxFV172vPl8XnZ60W0_RQ02n2ep-7uv_txQ==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
expires: Sun, 11 Oct 2020 04:46:07 GMT

GET
H2 200 underscore.js Show response
media.apnarm.net.au/static/247.11/bower_components/underscore/ 52 KB
15 KB 27ms
23ms Script
application/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/bower_components/underscore/underscore.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 4b328e42c558197d5b99d7727cfcc60bac9763fad660651230e8baf93f6067ed

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 09:40:02 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:08 GMT
server: nginx/1.12.1
age: 77403
etag: W/"5f5ae400-ceb7"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: UX66cry02hHUYVyeGTJAI5e6JDP4K7HydXd9VhzCkvX2MxLQ3XGuSg==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 rnn.js Show response
media.apnarm.net.au/static/247.11/rnn/base/js/ 5 KB
2 KB 30ms
26ms Script
application/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/rnn.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 35f924b80b170574350edbd6b734e74458e469d8e6ea45ede274f6bbad209578

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 05:18:48 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:08 GMT
server: nginx/1.12.1
age: 6677
etag: W/"5f5ae400-12cf"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: o3tirUrxABnsvfMktkeCJ_-uvWh7l122Fp91-5_zco6lXVxIjPSi-w==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 rnn.modules.js Show response
media.apnarm.net.au/static/247.11/rnn/base/js/ 1 KB
823 B 27ms
23ms Script
text/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/rnn.modules.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 14abbfd2093b092af43700ac3bfb9216f4c7c10f57f635d754274c42553f6987

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:47:48 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 16:43:41 GMT
server: nginx/1.12.1
age: 267736
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: TjRGWfNNQ-BqizYmNopatcDpDYJ9XVPqT_DnAn-pkFM9Dezp-UmJYw==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
expires: Sun, 11 Oct 2020 04:47:48 GMT

GET
H2 200 user.js Show response
media.apnarm.net.au/static/247.11/rnn/base/js/modules/ 14 KB
4 KB 27ms
24ms Script
application/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modules/user.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b84270a825a99e91c84d9aa14dec021a97c271ed92b935b889cc06e8331168c5

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 09:53:24 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:08 GMT
server: nginx/1.12.1
age: 76601
etag: "5f5ae400-385e"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: jXpgrwaZjNSJGaIwaaVhbFtZAjrHbTXEEEza3iADaDtLQ8V0pHlJdg==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 g_analytics.js Show response
media.apnarm.net.au/static/247.11/rnn/base/js/modules/ 7 KB
2 KB 28ms
24ms Script
text/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modules/g_analytics.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b175eef550feffffdf85e6f10711b519cfbc60602ff018ebf07439a6e51d6d9d

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 04:47:48 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2020 16:43:40 GMT
server: nginx/1.12.1
age: 267737
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=2592000
x-uwsgi: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: qT-OaAuquJm5ZX3VcY5kcmbdB2yxLWGsFxu-BdFwurqmBZIk5ASs6A==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
expires: Sun, 11 Oct 2020 04:47:48 GMT

GET
H2 200 chargify.js Show response
media.apnarm.net.au/static/247.11/rnn/base/js/modules/ 3 KB
1 KB 30ms
27ms Script
application/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modules/chargify.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9fc07fd0a55b5a46c448413a8d3ae0858607acddb4849efd69f197226a54ff89

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 09:53:24 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:08 GMT
server: nginx/1.12.1
age: 76601
etag: "5f5ae400-c9c"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: tAc1TA5KIonfflzs3NYIzak91fls9VxkLkiWblyJu3D1IX8S-pfBcA==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 omniture.js Show response
media.apnarm.net.au/static/247.11/rnn/base/js/modules/ 5 KB
2 KB 28ms
25ms Script
application/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modules/omniture.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: dea1fd1a662886439f50e9de820ef9bd1732cd1cb8b23fc0a0046cc634a93aa9

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 09:53:24 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:08 GMT
server: nginx/1.12.1
age: 76601
etag: "5f5ae400-1353"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: NDpFAJVoTprC8rLPIiHp-tngml7rE2B_Y6sYnMnvSOjFyCDiBtgy1Q==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 lotame.js Show response
media.apnarm.net.au/static/247.11/rnn/base/js/modules/ 8 KB
2 KB 31ms
28ms Script
application/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modules/lotame.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: ab038a60a320d6b578f476578bb31d78c71655fd05e352096d03149654821579

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 05:01:56 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:08 GMT
server: nginx/1.12.1
age: 7689
etag: W/"5f5ae400-1e67"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: hXYp_6mADnx6l6kgujQ8RQLHlPwgIYPkLH9Etlww17Ud4WUmeq_jvQ==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/nrm/prod/ 103 KB
32 KB 204ms
201ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/nrm/prod/utag.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7382c52f33b7a1c1bfdc868a48b6b1b227dd116753b120e088076b414acce2b4

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:05 GMT
content-encoding: gzip
last-modified: Fri, 04 Sep 2020 06:35:26 GMT
server: AkamaiNetStorage
etag: "5fd0513dac705476eefbc6c20d9bac90:1599201325.816943"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 32971
expires: Mon, 14 Sep 2020 07:15:05 GMT

GET
H2 200 s_code.js Show response
media.apnarm.net.au/static/247.11/apncore/js/ 36 KB
14 KB 28ms
25ms Script
application/javascript 99.86.2.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.apnarm.net.au/static/247.11/apncore/js/s_code.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-59.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 38f043d7571710b7e0a3640dc56134bc65603bc7cb39b745f5a93dbb365c9394

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 09:40:01 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 02:42:07 GMT
server: nginx/1.12.1
age: 77404
etag: W/"5f5ae3ff-8e5c"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: lbOpNt3rHQRX7a7JPHG_sHAF_Zx_SMiVJ1rr8kIAHUqQuPg2P5Fm4g==
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)

GET
H2 200 var=ccauds Show response
ad.crwdcntrl.net/5/c=5308/pe=y/ 70 B
278 B 97ms
31ms Script
application/javascript 54.72.197.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=5308/pe=y/var=ccauds
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.197.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-197-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:05 GMT
status: 200
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.6.91
content-type: application/javascript;charset=UTF-8
content-length: 70
expires: 0

GET
H/1.1 200
OK goal.min.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 3 KB
3 KB 398ms
104ms Script
application/javascript 52.217.0.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/goal.min.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.0.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 07:10:06 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:37 GMT
Server: AmazonS3
x-amz-request-id: ACECCE916CD68839
ETag: "db78cc3fefd4dc191250a00cf7b530a3"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 2699
x-amz-id-2: oIoVGrzE5wr6PFepRSJ/2EdgOYm4n2RbLjbrEfpbcsBq1DJZ/txxK3VUc74CoRpb5k/eN1NM7sk=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: bM3R/m35P0mMQdbYrfxVMMPe7Vi4B2b56RwNtY6+04vBXR5zgEfDe9Q+XA750dLg3oOn5zi5RF7X5Fw8LGsXqw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Mon, 14 Sep 2020 07:10:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 30ms
14ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailymercury.com.au
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:06:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 597830
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:06:15 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 27ms
13ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailymercury.com.au
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 597971
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:03:54 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 28ms
13ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailymercury.com.au
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:06:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 597834
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:06:11 GMT

GET
H/1.1 200
OK 5628.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0023/ 309 B
822 B 75ms
29ms Script
application/x-javascript 143.204.208.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0023/5628.js?444463
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-128.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e158a4de7b9f5744d6f58c4b6e364034ce4aedf98f6feb5e1f09bf1fb059a4b

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Mar 2020 19:18:54 GMT
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 03 Mar 2020 19:15:47 GMT
Server: AmazonS3
Age: 16804272
ETag: "182f1aac0faddd17bfac96ff9d03bcc1"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 309
X-Amz-Cf-Id: YueTfWaeA9T_Dl9bryF08R_xYdRVJywI3zsJfT22d4rPiiXNG5iiwg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: media.apnarm.net.au
URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modules/g_analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 2184
date: Mon, 14 Sep 2020 06:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Mon, 14 Sep 2020 08:33:41 GMT

GET
H2 200 cc_af.js Show response
tags.crwdcntrl.net/c/5318/ 52 KB
14 KB 70ms
25ms Script
application/json 99.86.2.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/5318/cc_af.js
Requested by: Host: media.apnarm.net.au
URL: https://media.apnarm.net.au/static/247.11/rnn/base/js/modules/lotame.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f8160f31bb35ae9f60fa09c0cb511a8520ca2b10ef5fb869338531632ca5bc3

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Sep 2020 07:43:04 GMT
content-encoding: gzip
etag: "f34d2ac394baebbafea2cf354690b54a"
last-modified: Tue, 10 Mar 2020 22:45:43 GMT
server: AmazonS3
age: 84422
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
status: 200
cache-control: max-age: 86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 59Q-ijjtz3_jgzyvzPS5sy-DrWc2lNtqsNOc8sGRBosNhAHMu888wA==
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dailymercury.com.au
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:03:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 597971
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:03:54 GMT

GET
H2 200 274045516830868 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/274045516830868?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c41cf0bef875dbb7f51d7b84b18e968ee80443330e5827d66c51db9c614d0c8d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 135035
x-xss-protection: 0
pragma: public
x-fb-debug: MgckPkFIcrQkFfVJdaRCc2DYppJOYNj4rzmKxbFULEqvppCHvB2T4VA7n5Wte7QgVB19uH/TW8Ctp2I2fss+VA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Mon, 14 Sep 2020 07:10:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
71 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=218530569&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&ul=en-us&de=UTF-8&dt=Subscribe%20Now%20to%20Daily%20Mercury%20for%20exclusive%20premium%20stories&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1606660211&gjid=140025525&cid=1714138056.1600067406&tid=UA-2800415-24&_gid=1873898970.1600067406&_r=1&cd1=subscriptions.premium-offer&cd2=index&cd4=&cd5=subscriptions&cd6=&cd7=anonymous&z=635069816

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.dailymercury.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5628.js Show response
script.crazyegg.com/pages/scripts/0023/ 2 KB
1 KB 29ms
14ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0023/5628.js
Requested by: Host: dnn506yrbagrg.cloudfront.net
URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0023/5628.js?444463
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05675daa3cce33be4cc7a7595ea53b36e0da229613706792f466124b435e211e

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:05 GMT
content-encoding: gzip
cf-cache-status: HIT
ce-version: 11.1.68
age: 222519
cf-polished: origSize=1846
status: 200
cf-request-id: 052d0c1f030000dfa5189cf200000001
last-modified: Fri, 11 Sep 2020 17:21:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 5d284944df53dfa5-FRA
cf-bgj: minify

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-2800415-24&cid=1714138056.1600067406&jid=1606660211&gjid=140025525&_gid=1873898970.1600067406&_u=IEDAAEAAAAAAAC~&z=67838119

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Sep 2020 07:10:05 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.dailymercury.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 20ms
20ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-2800415-24&cid=1714138056.1600067406&jid=1606660211&_u=IEDAAEAAAAAAAC~&z=1233736587

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 17ms
17ms Image
image/gif 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-2800415-24&cid=1714138056.1600067406&jid=1606660211&_u=IEDAAEAAAAAAAC~&z=1233736587

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
898 B 81ms
27ms Script
application/x-javascript 2.21.37.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/nrm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.24 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:05 GMT
server: Apache
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=44643
content-type: application/x-javascript
content-length: 666

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
358 B 572ms
519ms XHR
text/plain 2.21.37.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.24 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-24.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:06 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "f1d1adc077c1f1f826a151ee3db530bc:1594002579.72485"
status: 200
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-type: text/plain
content-length: 61
expires: Mon, 14 Sep 2020 07:10:06 GMT

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 25ms
24ms Script
application/x-javascript 2.21.37.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16000674062010.9899499893253334
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/nrm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.24 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:06 GMT
content-encoding: gzip
server: Apache
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 832
expires: Mon, 14 Sep 2020 07:10:06 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 139ms
37ms XHR
application/json 54.194.171.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1600067406216

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.171.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-171-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ba040a751c847c68aa82841055fbcc7082457028ba656db011f4b4292494b55e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v081-03c98c6d1.edge-irl1.demdex.com 5.78.0.20200908113611 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: 5mVkVnk6R/0=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.dailymercury.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

s44141289004769
apnonline.112.2o7.net/b/ss/apnarmtotal/1/H.24.2/
Redirect Chain

https://apnonline.112.2o7.net/b/ss/apnarmtotal/1/H.24.2/s44141289004769?AQB=1&ndh=1&t=14%2F8%2F2020%209%3A10%3A6%201%20-120&ce=UTF-8&ns=apnonline&cdp=3&pageName=mdm%3Asubscriptions%3Apremium-offer&...
https://apnonline.112.2o7.net/b/ss/apnarmtotal/1/H.24.2/s44141289004769?AQB=1&pccr=true&vidn=2FAF8BA70515C6D8-400008377287ADCA&ndh=1&t=14%2F8%2F2020%209%3A10%3A6%201%20-120&ce=UTF-8&ns=apnonline&cd...

43 B
292 B

24ms
24ms

Image
image/gif

15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apnonline.112.2o7.net/b/ss/apnarmtotal/1/H.24.2/s44141289004769?AQB=1&pccr=true&vidn=2FAF8BA70515C6D8-400008377287ADCA&ndh=1&t=14%2F8%2F2020%209%3A10%3A6%201%20-120&ce=UTF-8&ns=apnonline&cdp=3&pageName=mdm%3Asubscriptions%3Apremium-offer&g=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&r=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&cc=AUD&ch=subscriptions&c1=checkout&c3=mdm&c4=monday&c5=17%3A00&v5=breach&v7=self-service&c19=Entire%20Site&c36=desktop&c37=anonymous&h1=mdm%3Asubscriptions%3Apremium-offer&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:05 GMT
x-content-type-options: nosniff
x-c: master-1347.Ibe097b.M0-443
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 15 Sep 2020 07:10:06 GMT
server: jag
xserver: anedge-5bd4cfd76-rv4x6
etag: 3436118590168072192-4614052226281316370
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 13 Sep 2020 07:10:06 GMT

Redirect headers

date: Mon, 14 Sep 2020 07:10:05 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
x-c: master-1347.Ibe097b.M0-443
p3p: CP="This is not a P3P policy"
status: 302
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 15 Sep 2020 07:10:06 GMT
server: jag
xserver: anedge-5bd4cfd76-9dbzc
content-type: text/plain;charset=utf-8
location: https://apnonline.112.2o7.net/b/ss/apnarmtotal/1/H.24.2/s44141289004769?AQB=1&pccr=true&vidn=2FAF8BA70515C6D8-400008377287ADCA&ndh=1&t=14%2F8%2F2020%209%3A10%3A6%201%20-120&ce=UTF-8&ns=apnonline&cdp=3&pageName=mdm%3Asubscriptions%3Apremium-offer&g=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&r=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&cc=AUD&ch=subscriptions&c1=checkout&c3=mdm&c4=monday&c5=17%3A00&v5=breach&v7=self-service&c19=Entire%20Site&c36=desktop&c37=anonymous&h1=mdm%3Asubscriptions%3Apremium-offer&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 13 Sep 2020 07:10:06 GMT

GET
H2 200 / Show response
www.dailymercury.com.au/my-account/userstatus/ 45 B
564 B 578ms
577ms Fetch
application/json 13.238.204.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymercury.com.au/my-account/userstatus/

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.238.204.116 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-238-204-116.ap-southeast-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

a504bf2ac777dc85da266dc5ea135ab36d5cb06d43c23f5178b8e01133386d9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:06 GMT
content-encoding: gzip
age: 0
x-cache: MISS
status: 200
x-subscribed: False
x-forwarded-proto: https
x-device: desktop
x-ua-compatible: IE=edge,chrome=1
access-control-allow-origin: http://www.dailymercury.com.au
last-modified: Mon, 14 Sep 2020 07:10:06 GMT
server: nginx/1.12.1
x-frame-options: SAMEORIGIN
etag: W/"23d7c71afdfa9bb181d44c77faa72507"
vary: Accept-Encoding, Cookie
x-varnish: 9690099
via: 1.1 varnish (Varnish/5.2)
cache-control: max-age=0
content-type: application/json
expires: Mon, 14 Sep 2020 07:10:06 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

10ms
9ms

Script
application/javascript

2600:9000:214f:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 01:14:26 GMT
content-encoding: gzip
age: 21341
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 04 May 2020 13:03:46 GMT
server: AmazonS3
etag: W/"485e22c0ad60bcb2677b2f8f9b011e61"
vary: Accept-Encoding
x-amz-version-id: Atg2BNoq_w9GuxA03gYewv2lTFbMKFkY
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: _Q5N_Huo74AUldz4KvFX7HYNzqdsi_qmwDn5jkJy11DSAFk2DfjfwA==

Redirect headers

date: Mon, 14 Sep 2020 07:10:06 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA53-C1
status: 301
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 150
x-amz-cf-id: k5AVNLfWy0ws42451VXJyJORt1olTFtXlQeqYoNa-OIkFoRKQGdkrQ==

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 21 KB
9 KB 24ms
24ms Script
application/x-javascript 2.21.37.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/nrm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.24 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 728c49a2c9cae48f12242565437f2e0f7b3edffb1085ab28b28c03cb123561ae

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:06 GMT
content-encoding: gzip
server: Apache
etag: "9029e66e5e2f80ebe09189332c981f3c:1588290195"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=44628
content-type: application/x-javascript
content-length: 8633

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 124 KB
40 KB 92ms
22ms Script
text/javascript 99.86.2.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/nrm/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-32.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 716b170a37df0b3e60269439f97779ec22a0d0ee5ea18bc01c5dc6958dfb5eda

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 06:49:35 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 02 Aug 2020 23:19:10 GMT
Server: AmazonS3
Age: 1232
ETag: "44281d8d84dc66dbff90f2725195e6f7"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: _y2sFhE3r4bQDKrz7rUD5iqbkM-o-zbvUwRsUMV_1MIVNdDgPLSTwQ==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 115ms
115ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/nrm/202009040635&cb=1600067406240
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/nrm/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:06 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 14 Sep 2020 07:20:06 GMT

GET
H2 404 list.js
survey.112.2o7.net/survey/dynamic/suites/140/apnarmtotal/ 0
0 82ms
26ms Script
text/plain 15.236.175.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.112.2o7.net/survey/dynamic/suites/140/apnarmtotal/list.js?360540843566
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.236.175.233 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-15-236-175-233.eu-west-3.compute.amazonaws.com
Software: jag /
Resource Hash

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
date: Mon, 14 Sep 2020 07:10:06 GMT
server: jag

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=274045516830868&ev=PageView&dl=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&rl=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&if=false&ts=1600067406265&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.2.1600067406263.872254072&it=1600067405523&coo=false&rqm=GET

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Sep 2020 07:10:06 GMT

GET
H2 200 ggcmb510.js Show response
seccdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 34ms
9ms Script
application/javascript 2600:9000:214f:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 06:27:44 GMT
content-encoding: gzip
age: 2543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 31 Aug 2020 13:41:33 GMT
server: AmazonS3
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
vary: Accept-Encoding
x-amz-version-id: n3q_bF37_FBlZH_XRzcQNsIp2iM_eW7C
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: RdYtxLBnbXV2nE0F10R47rBSpjPaZgnM-49yK4f9oVxrlXlQ-5vgMA==

GET
H2 200 newskey.js Show response
tags.news.com.au/prod/newskey/ 194 B
545 B 25ms
25ms Script
application/x-javascript 2.21.37.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/newskey/newskey.js
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.24 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-24.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0337ba6b3d74817c8d3f3201b1552dbdb33b9ff9c2ce64c18036587bc6f6b254

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:06 GMT
server: Apache
etag: "37183003000f63ee4c54b44a3f588989:1580947249"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
status: 200
cache-control: max-age=44589
content-type: application/x-javascript
content-length: 194

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 61 B
358 B 549ms
548ms XHR
text/plain 2.21.37.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.24 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-24.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:06 GMT
server: AkamaiGHost
mime-version: 1.0
etag: "f1d1adc077c1f1f826a151ee3db530bc:1594002579.72485"
status: 200
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-type: text/plain
content-length: 61
expires: Mon, 14 Sep 2020 07:10:06 GMT

GET
H/1.1 200
OK Cookie set dest5.html
newscorpau.demdex.net/ Frame 4AC2 0
0 159ms
34ms Document
text/html 34.248.119.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/nrm/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.119.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-119-134.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=53388363741361126350707823102239349795
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 09 Sep 2020 13:43:19 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=53388363741361126350707823102239349795;Path=/;Domain=.demdex.net;Expires=Sat, 13-Mar-2021 07:10:06 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: qVHZPOLvSBU=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
newscorpau.sc.omtrdc.net/ 2 B
324 B 89ms
26ms XHR
application/x-javascript 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=53412231211197452490709945965425577273&ts=1600067406377

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Mon, 14 Sep 2020 07:10:06 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5bd4cfd76-89xwm
vary: Origin
x-c: master-1347.Ibe097b.M0-443
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.dailymercury.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X18XTgAABgqihVL0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=53388363741361126350707823102239349795
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X18XTgAABgqihVL0

42 B
915 B

46ms
45ms

Image
image/gif

54.194.171.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X18XTgAABgqihVL0

Requested by

Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.171.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-171-8.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-0e77ce015.edge-irl1.demdex.com 5.78.0.20200908113611 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: ShvfUyBpRWw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 14 Sep 2020 07:10:05 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X18XTgAABgqihVL0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 storageframe.html
secure-gl.imrworldwide.com/ Frame 3818 0
0 114ms
114ms Document
text/html 2600:9000:214f:a00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-gl.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/

Response headers

status: 200
content-type: text/html
vary: Accept-Encoding
date: Mon, 14 Sep 2020 07:10:06 GMT
server: nginx
last-modified: Fri, 28 Aug 2020 19:49:15 GMT
etag: W/"5f495fbb-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 7PLh-pooZV3a4e-45sjbnB8ndbE9PF-I8yPebWrRekN_r9CeSPoN9A==

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1600067406528&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpr...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1600067406528&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpr...

44 B
492 B

98ms
98ms

Image
image/gif

2600:9000:214f:a00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1600067406528&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&rp=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&sr=1600x1200&id=lstrg-cdc703e0308de3475159e8187d71b0a3&tz=2&ja=1
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:06 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: rhEwBdtu48uxTLSF_Ec3QFQHmNwzd1JLY93AVvfSBiQ92sE2gh1LOQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:06 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
status: 302
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1600067406528&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.100&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&rp=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&sr=1600x1200&id=lstrg-cdc703e0308de3475159e8187d71b0a3&tz=2&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: NMfxL4cbHT6H0PpzcvGI0thjADqHDVP2Dt6kyyJUsbaBCX7Ws1Oy0w==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=5318/rand=235790171/pv=y/tp=APNA/genp=is_loggedin%3Dfalse/genp=is_account%3Dfalse/int=%23OpR%2351730%23APN%20AU%20%3A%20PageData%20%3A%20Site%20Mode%20%3A%20desktop/int=%... Frame 7978
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5318/rand=235790171/pv=y/tp=APNA/genp=is_loggedin%3Dfalse/genp=is_account%3Dfalse/int=%23OpR%2351730%23APN%20AU%20%3A%20PageData%20%3A%20Site%20Mode%20%3A%20desktop/in...
https://bcp.crwdcntrl.net/5/ct=y/c=5318/rand=235790171/pv=y/tp=APNA/genp=is_loggedin%3Dfalse/genp=is_account%3Dfalse/int=%23OpR%2351730%23APN%20AU%20%3A%20PageData%20%3A%20Site%20Mode%20%3A%20deskt...

0
0

65ms
65ms

Document
text/html

52.48.137.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=5318/rand=235790171/pv=y/tp=APNA/genp=is_loggedin%3Dfalse/genp=is_account%3Dfalse/int=%23OpR%2351730%23APN%20AU%20%3A%20PageData%20%3A%20Site%20Mode%20%3A%20desktop/int=%23OpR%2351731%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions/int=%23OpR%2351732%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions%20%3A%20Subsector%20%3A%20premium-offer/int=%23OpR%2351735%23APN%20AU%20%3A%20PageData%20%3A%20Page%20Type%20%3A%20index/ug=%23OpR%2351736%23APN%20AU%20%3A%20PageData%20%3A%20Category%20%3A%20subscriptions/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/5318/cc_af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=5318/rand=235790171/pv=y/tp=APNA/genp=is_loggedin%3Dfalse/genp=is_account%3Dfalse/int=%23OpR%2351730%23APN%20AU%20%3A%20PageData%20%3A%20Site%20Mode%20%3A%20desktop/int=%23OpR%2351731%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions/int=%23OpR%2351732%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions%20%3A%20Subsector%20%3A%20premium-offer/int=%23OpR%2351735%23APN%20AU%20%3A%20PageData%20%3A%20Page%20Type%20%3A%20index/ug=%23OpR%2351736%23APN%20AU%20%3A%20PageData%20%3A%20Category%20%3A%20subscriptions/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/

Response headers

status: 200
date: Mon, 14 Sep 2020 07:10:06 GMT
content-type: text/html;charset=UTF-8
content-length: 1386
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.16.90
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 11-Jun-2021 07:06:00 GMT;SameSite=None;Secure _cc_domain=.cc.dailymercury.com.au;Path=/;Domain=crwdcntrl.net;Expires=Fri, 11-Jun-2021 07:06:00 GMT;SameSite=None;Secure _cc_id=a7720858a36b272e5a37a84f9f4e3574;Path=/;Domain=crwdcntrl.net;Expires=Fri, 11-Jun-2021 07:06:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQSDQ3NzKwMLVINDZLMjI3SjVNNDZPtDBJs0wzSTU2NTdhAIL4eHE%2FBjgQ7fz2WIbxmCbDf0ZGhjV9zUow9o7T%2B%2BHsxw9eC8DYm9u%2Bc8DYOzs%2FwtkdSOa8mIRQ0%2Fn2NSeM%2Ffr8Gzj71kl1GPPC4jksMPa5o4eYYezlHy1hzMvP78jC2IeRlDdvecoNY097%2BFkFxr506hEbjP2h4T7c9X83ToHrBQAajmL8";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 11-Jun-2021 07:06:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIjxf3Y4ABJgZG%2BRoQg1G%2BC0gCACg5Amw%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Fri, 11-Jun-2021 07:06:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

Redirect headers

status: 302
date: Mon, 14 Sep 2020 07:10:06 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=5318/rand=235790171/pv=y/tp=APNA/genp=is_loggedin%3Dfalse/genp=is_account%3Dfalse/int=%23OpR%2351730%23APN%20AU%20%3A%20PageData%20%3A%20Site%20Mode%20%3A%20desktop/int=%23OpR%2351731%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions/int=%23OpR%2351732%23APN%20AU%20%3A%20PageData%20%3A%20Sector%20%3A%20subscriptions%20%3A%20Subsector%20%3A%20premium-offer/int=%23OpR%2351735%23APN%20AU%20%3A%20PageData%20%3A%20Page%20Type%20%3A%20index/ug=%23OpR%2351736%23APN%20AU%20%3A%20PageData%20%3A%20Category%20%3A%20subscriptions/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.25.149
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 23ms
7ms Script
application/x-javascript 2600:9000:2057:4600:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.dailymercury.com.au
URL: https://www.dailymercury.com.au/subscriptions/premium-offer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4600:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 05:40:38 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 5367
etag: W/"5ea23d45-8e68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: JiWCEcJFcY2sLl7Cf1qJh6ECm5W94rzWJdJE99Lnkc0jXdT15LVEow==
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
expires: Mon, 14 Sep 2020 07:40:38 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 299ms
99ms Image
image/gif 54.172.203.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=dailymercury.com.au&p=%2Fsubscriptions%2Fpremium-offer%2F&u=C1NcN0yRq1DgxK1q&d=dailymercury.com.au&g=56549&g0=subscriptions&g1=No%20Author&g4=index&n=1&f=00001&c=0&x=0&m=0&y=1284&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&v=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&b=2549&t=DFyukbCPQnMuDBGp-RBHfLwKBWEHHP&V=120&i=Subscribe%20Now%20to%20Daily%20Mercury%20for%20exclusive%20premium%20stories&tz=-120&sn=1&sv=Cn0o9CHKV4zBAn0EfBvaDeqDxyJh8&sr=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&sd=1&im=06030400&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.203.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-203-45.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 14 Sep 2020 07:10:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 6ms
6ms Script
application/javascript 2600:9000:214f:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: seccdn-gl.imrworldwide.com
URL: https://seccdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 06:40:07 GMT
content-encoding: gzip
age: 1800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 31 Aug 2020 13:41:33 GMT
server: AmazonS3
etag: W/"931051f801612c3a0e2782961ac3d56c"
vary: Accept-Encoding
x-amz-version-id: __18ln110DzIeDzBUZGawAoUEY8dO7wW
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: nCJudzMkTs11ZIILEf1yvGaMBx3YFoW6rkVK9L0LNZbpCFbCvzJSSw==

GET
H2 200 PC03F72FF-4288-4A79-A769-62454AC4EF84.js Show response
cdn-gl.imrworldwide.com/conf/ 27 KB
7 KB 8ms
8ms Script
application/javascript 2600:9000:214f:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PC03F72FF-4288-4A79-A769-62454AC4EF84.js
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e096e7ba98c28732cfc688adf899c22a6f5e0db7dce7f27f177cc9e1716b765

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 06:34:01 GMT
content-encoding: gzip
age: 2166
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 14 Sep 2020 05:17:34 GMT
server: AmazonS3
etag: W/"0cc5141657d0e5e8a6b01537f6045954"
vary: Accept-Encoding
x-amz-version-id: qpeVL1sNB6BtOggO7FJpiwPc1VS7SDxa
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: eUIm4P9jOltHS_mGUG1udjtaGvSdPH14c07REfrpIE4Wyr9JPRbbVA==

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 170 KB
49 KB 10ms
9ms Script
application/javascript 2600:9000:214f:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PC03F72FF-4288-4A79-A769-62454AC4EF84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e06775da56ca92d7943167883c849bf3e18425f19a316c54531554254a3ef753

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 06:36:34 GMT
content-encoding: gzip
age: 2013
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
last-modified: Mon, 31 Aug 2020 13:41:33 GMT
server: AmazonS3
etag: W/"7091e9f855e2e7130746427316d51284"
vary: Accept-Encoding
x-amz-version-id: 5mhKBMVfyDG3meutjv0cTLS334SVXJnL
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: 5MvyKm0JNGWwxhp2z5c_T7SViZP7K2UVFK6ynkxVBfF5RjLAcS6oMg==

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame F86D 0
0 10ms
9ms Document
text/html 2600:9000:214f:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=515d1b40-f659-11ea-aaa2-bd315a2107dd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/

Response headers

status: 200
content-type: text/html
date: Mon, 14 Sep 2020 06:36:45 GMT
last-modified: Mon, 31 Aug 2020 13:41:32 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
x-amz-version-id: 8SzOU0T3jq5fDilujOsIQHDXhBBCvnxx
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: hhZfGNgIDG2klcKKQ_iIt9eyu4SVKIiv22V6cd3kGSxDJ-17eBDIzA==
age: 2001

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=274045516830868&ev=Microdata&dl=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&rl=https%3A%2F%2Fwww.dailymercury.com.au%2Fnews%2Fhow-melbournes-anti-lockdown-protests-compare-to-w%2F4098606%2F&if=false&ts=1600067407780&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Subscribe%20Now%20to%20Daily%20Mercury%20for%20exclusive%20premium%20stories%22%2C%22meta%3Adescription%22%3A%22Subscribe%20Now%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.2.1600067407779.599789171&it=1600067405523&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 07:10:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Sep 2020 07:10:07 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
528 B 38ms
38ms Image
image/gif 34.255.114.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b73_subscriptions_S&asn=subscriptions&sessionId=nhwRRHXTQ9ZS1PPdQ7dJxP9mKEDfp1600067406&prv=1&c6=vc,b73&ca=NA&c13=asid,PC03F72FF-4288-4A79-A769-62454AC4EF84&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,dailymercury&sup=0&segment2=&segment1=&forward=1&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,p0pD026wxehwddtvlFiQozgFH1TzH1600067406&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16000674068296663&c30=bldv,6.0.0.537&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1600067406778&c3=st,c&c64=starttm,1600067409&adid=1600067406778&c58=isLive,false&c59=sesid,&c61=createtm,1600067408&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.dailymercury.com.au%2Fsubscriptions%2Fpremium-offer%2F&c66=mediaurl,&c62=sendTime,1600067408&rnd=64728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.114.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.dailymercury.com.au/subscriptions/premium-offer/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 07:10:09 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imrworldwide.com/	1970-01-19 21:49:23	Name: IMRID Value: 515d1b40-f659-11ea-aaa2-bd315a2107dd
.imrworldwide.com/	1970-01-19 21:49:23	Name: SSCVER Value: v1
.demdex.net/	1970-01-19 16:46:59	Name: dextp Value: 358-1-1600067406547\|470-1-1600067406649
.demdex.net/	1970-01-19 16:46:59	Name: demdex Value: 53388363741361126350707823102239349795
.dailymercury.com.au/	1970-01-20 05:58:59	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18520%7CMCMID%7C53412231211197452490709945965425577273%7CMCAAMLH-1600672206%7C6%7CMCAAMB-1600672206%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1600074606s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18527%7CvVersion%7C4.4.0
.dailymercury.com.au/	1970-01-20 14:44:35	Name: nk Value: 25adc6f57518df0b8d243b7981153c7c
.dailymercury.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
.dailymercury.com.au/	1970-01-19 14:37:23	Name: _fbp Value: fb.2.1600067406263.872254072
www.dailymercury.com.au/	1969-12-31 23:59:59	Name: breach_original_referer Value:
.dailymercury.com.au/	1969-12-31 23:59:59	Name: s_sv_sid Value: 360540843566
.dailymercury.com.au/	1970-01-20 05:58:59	Name: _ncg_sp_id.c260 Value: 3f0027f7-0d48-4fca-8c02-4725bc8e7bef.1600067406.1.1600067406.1600067406.a9b308fa-ba33-4d3a-b811-92632926ab94
.dailymercury.com.au/	1970-01-19 12:27:49	Name: _ncg_sp_ses.c260 Value: *
.dailymercury.com.au/	1970-01-19 21:13:23	Name: utag_main Value: v_id:01748b73097b0012c8e37e98f36700078003c07000b08$_sn:1$_se:1$_ss:1$_st:1600069206204$ses_id:1600067406204%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:dailymercury.com.au
.dailymercury.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
www.dailymercury.com.au/	1969-12-31 23:59:59	Name: premium_subscription_redirect Value: true
www.dailymercury.com.au/	1970-01-19 12:27:48	Name: breach_url Value: https://www.dailymercury.com.au/news/how-melbournes-anti-lockdown-protests-compare-to-w/4098606/
.dailymercury.com.au/	1970-01-20 05:58:59	Name: _ga Value: GA1.3.1714138056.1600067406
.dailymercury.com.au/	1970-01-19 12:29:13	Name: _gid Value: GA1.3.1873898970.1600067406
.dailymercury.com.au/	1970-01-19 12:27:47	Name: _gat Value: 1
.dailymercury.com.au/	1969-12-31 23:59:59	Name: s_sq Value: %5B%5BB%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.ravenjs.com/3.17.0/raven.min.js(Line 2) Message: UTRACK loaded (from tealium)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
ads.rubiconproject.com
apnonline.112.2o7.net
au.tags.newscgp.com
bcp.crwdcntrl.net
cdn-gl.imrworldwide.com
cdn.ravenjs.com
cdnjs.cloudflare.com
cm.everesttech.net
code.jquery.com
connect.facebook.net
dnn506yrbagrg.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
media.apnarm.net.au
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
pagead2.googlesyndication.com
ping.chartbeat.net
s3.amazonaws.com
script.crazyegg.com
seccdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
static.chartbeat.com
stats.g.doubleclick.net
survey.112.2o7.net
tags.crwdcntrl.net
tags.news.com.au
tags.tiqcdn.com
www.dailymercury.com.au
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
104.111.215.136
104.111.230.142
13.238.204.116
143.204.208.128
15.188.154.177
15.236.175.233
2.21.37.24
2001:4de0:ac19::1:b:3a
2600:9000:2057:4600:18:1fcd:34e:d2a1
2600:9000:214f:5200:2:42d9:3100:93a1
2600:9000:214f:a00:1e:a43d:b640:93a1
2606:4700::6811:4f6b
2606:4700::6813:9408
2a00:1450:4001:801::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:814::200a
2a00:1450:4001:81b::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2004
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::729
34.248.119.134
34.255.114.251
52.217.0.5
52.48.137.92
54.172.203.45
54.194.171.8
54.72.197.28
66.117.28.86
99.86.2.32
99.86.2.36
99.86.2.59
00aa8074afa67c16a80e075fd456d58831dcd62a202d6c3180a0cbbfd0220b97
0337ba6b3d74817c8d3f3201b1552dbdb33b9ff9c2ce64c18036587bc6f6b254
05675daa3cce33be4cc7a7595ea53b36e0da229613706792f466124b435e211e
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0a15ca7eae5bb1b9bc165cf2bab8189dfb1645a4d4506e47c866167bbcc05b91
0d65919743905ca954e12255f116be6594f5c6ec20fab63ad2295ae71da41658
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14abbfd2093b092af43700ac3bfb9216f4c7c10f57f635d754274c42553f6987
1faf57464a2450e7ce373a9101c5b15fbb3ec5070c4536db2adb0510108ebbca
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
28bb785e4a47e05ddee451c7b10324f623ce85e9f64b883f2e9bb89da9edb4bd
35f924b80b170574350edbd6b734e74458e469d8e6ea45ede274f6bbad209578
38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924
38f043d7571710b7e0a3640dc56134bc65603bc7cb39b745f5a93dbb365c9394
3e096e7ba98c28732cfc688adf899c22a6f5e0db7dce7f27f177cc9e1716b765
3fadd00a353fc61295aad4003da3c86afd22677a6149ec5db23c2aea8a3c0b02
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
490ad08176337d879e63ef33d506a16e87ea3417ac370852d2ba85ac9dac5e36
4b328e42c558197d5b99d7727cfcc60bac9763fad660651230e8baf93f6067ed
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
58d4f40d660f29ad998f9ed2f94d4b5fc95c28b50893eeb58bfde1ced0de4667
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f8160f31bb35ae9f60fa09c0cb511a8520ca2b10ef5fb869338531632ca5bc3
716b170a37df0b3e60269439f97779ec22a0d0ee5ea18bc01c5dc6958dfb5eda
728c49a2c9cae48f12242565437f2e0f7b3edffb1085ab28b28c03cb123561ae
7382c52f33b7a1c1bfdc868a48b6b1b227dd116753b120e088076b414acce2b4
7eab82ead1480897c3dedd5c6b4ef4ec553efacdca1ce23c3acd6bd8e9621046
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438
8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21
8e158a4de7b9f5744d6f58c4b6e364034ce4aedf98f6feb5e1f09bf1fb059a4b
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada
97672a6caf03c4dc08398a350a34a3269b983b34641fd888aa51e1a9d230c2c8
9dc4670360c62762a71cdc8d46d50f232e84446ee6884f6fe428ff221b6abc50
9fc07fd0a55b5a46c448413a8d3ae0858607acddb4849efd69f197226a54ff89
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a504bf2ac777dc85da266dc5ea135ab36d5cb06d43c23f5178b8e01133386d9b
aa0ab33001d05278fc59aa70b568a102b37239b22bb79978be28f5e1a58f4c2a
ab038a60a320d6b578f476578bb31d78c71655fd05e352096d03149654821579
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ad8b271778f27c5478343098b1a019b1b031f0dadec14dd83ab626f26008c094
b0e20b17466bf727c8495ea4c61d6687c9c10d0c1a72575828eed63063a32f6c
b175eef550feffffdf85e6f10711b519cfbc60602ff018ebf07439a6e51d6d9d
b41c65a254473fdb8cb0414a564fa193ffde90e9573a2c4b2afc9ee56d964797
b47bb9420bfdb0f26d036403d005c2df6fc815c22a3e9257955922ee1bbb3c73
b84270a825a99e91c84d9aa14dec021a97c271ed92b935b889cc06e8331168c5
ba040a751c847c68aa82841055fbcc7082457028ba656db011f4b4292494b55e
bb3110203407bab467aa5b23701d0fb64c3893406a8cd5dc7944acb700e58ed5
bf8bfb094d2d7b62816916693816a8a956853a538271778850e501fcefcd771f
c41cf0bef875dbb7f51d7b84b18e968ee80443330e5827d66c51db9c614d0c8d
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1e84d9fcc76d16198e1a0437d161a3b34c606cac4e088d7e3d7e68061ed2618
d2f5ee87a7a5ee5d9fbe5e000fccafb59e5448521c8e420ca3a53f1c16188e9e
dbe2f39d679680bec02757226881b9ac53fb18a7a6cf397e2bbe6d4724c1c8e1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea1fd1a662886439f50e9de820ef9bd1732cd1cb8b23fc0a0046cc634a93aa9
e06775da56ca92d7943167883c849bf3e18425f19a316c54531554254a3ef753
e656b2f8e340c025170aeb0634509df42d81b72da56d2de02bc50332dffd9412
e9a93e48069beefe5b36a4c9d4f0369e564d33b3c83dbf900353a7da313fad5f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
f4efb4a64fd8d6ba86925c2b108dedba518129c2fe208e80c0cd0dfc8fcc2334
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f707930b44cd9ee3f1e58385a64c832ce607af750165cb9c0f1405ae20e24bf5
fe7cc5c9c5fd6fe8dbcf81ddee97b1a438f0a2d94bf3ef6f659bd146f059fb1d

www.dailymercury.com.au Open in urlscan Pro 13.238.204.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

100 %HTTPS

49 %IPv6

29 Domains

36 Subdomains

34 IPs

8 Countries

3092 kBTransfer

5090 kBSize

20 Cookies

2 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dailymercury.com.au Open in urlscan Pro
13.238.204.116 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

100 %
HTTPS

49 %
IPv6

29
Domains

36
Subdomains

34
IPs

8
Countries

3092 kB
Transfer

5090 kB
Size

20
Cookies

110 HTTP transactions
0 data transactions