aflwtipping.afl Open in urlscan Pro
18.67.93.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.mail.aflwtipping.afl/c/eJxcjrGOwyAQRL8GSmvZZTFbUFyT34iws47REdvCnE7396dEqdKN3mhG75Z4Gj2D1eSCMESgwHZN6JyMjFGDCE7qslf2i4...
Effective URL:
https://aflwtipping.afl/
Submission: On September 19 via manual (September 19th 2023, 1:22:27 am UTC) from AU — Scanned from AU

Summary HTTP 111 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 24 domains to perform 111 HTTP transactions. The main IP is 18.67.93.125, located in United States and belongs to AMAZON-02, US. The main domain is aflwtipping.afl.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on April 13th 2023. Valid for: a year.

This is the only time aflwtipping.afl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.102.239.211 34.102.239.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21	18.67.93.125 18.67.93.125	16509 (AMAZON-02) (AMAZON-02)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.204.14 142.250.204.14	15169 (GOOGLE) (GOOGLE)
3	23.77.128.136 23.77.128.136	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
4	172.217.24.40 172.217.24.40	15169 (GOOGLE) (GOOGLE)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
2	13.35.147.90 13.35.147.90	16509 (AMAZON-02) (AMAZON-02)
2	52.95.130.158 52.95.130.158	16509 (AMAZON-02) (AMAZON-02)
8	142.250.67.2 142.250.67.2	15169 (GOOGLE) (GOOGLE)
1	52.64.114.26 52.64.114.26	16509 (AMAZON-02) (AMAZON-02)
7	172.217.24.46 172.217.24.46	15169 (GOOGLE) (GOOGLE)
1 6	13.54.169.41 13.54.169.41	16509 (AMAZON-02) (AMAZON-02)
8	172.217.24.33 172.217.24.33	15169 (GOOGLE) (GOOGLE)
1	3.106.101.175 3.106.101.175	16509 (AMAZON-02) (AMAZON-02)
2	63.140.56.123 63.140.56.123	15224 (OMNITURE) (OMNITURE)
1 1	18.138.79.132 18.138.79.132	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.167.98 172.217.167.98	15169 (GOOGLE) (GOOGLE)
12 16	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	23.215.59.10 23.215.59.10	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.153.211.209 54.153.211.209	16509 (AMAZON-02) (AMAZON-02)
2	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
1 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
4	54.66.65.228 54.66.65.228	16509 (AMAZON-02) (AMAZON-02)
4	99.84.66.53 99.84.66.53	16509 (AMAZON-02) (AMAZON-02)
5	142.250.66.226 142.250.66.226	15169 (GOOGLE) (GOOGLE)
1	64.233.170.155 64.233.170.155	15169 (GOOGLE) (GOOGLE)
2	142.250.204.4 142.250.204.4	15169 (GOOGLE) (GOOGLE)
1	142.250.66.195 142.250.66.195	15169 (GOOGLE) (GOOGLE)
12	34.211.174.64 34.211.174.64	16509 (AMAZON-02) (AMAZON-02)
111	30

1 34.102.239.211 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.239.102.34.bc.googleusercontent.com

email.mail.aflwtipping.afl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.67.93.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-125.syd62.r.cloudfront.net

aflwtipping.afl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.77.128.136 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-128-136.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f40.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.147.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-90.syd1.r.cloudfront.net

medrx.telstra.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.130.158 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

fgp-data.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.67.2 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.64.114.26 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-114-26.ap-southeast-2.compute.amazonaws.com

targeting.telstra.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f46.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.54.169.41 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-169-41.ap-southeast-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.24.33 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f33.1e100.net

fab7718e3d5f3f30d5d6c451d4b2d445.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.106.101.175 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-106-101-175.ap-southeast-2.compute.amazonaws.com

telstra.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.56.123 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-56-123.data.adobedc.net

infos.telstra.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.79.132 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-79-132.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.2.49 (United States) 12 redirects

ASN54113 (FASTLY, US)

rtd.tubemogul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.59.10 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-59-10.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.153.211.209 (Sydney, Australia) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.66.65.228 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-65-228.ap-southeast-2.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.66.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-66-53.hio50.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.66.226 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.4 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.195 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.211.174.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-174-64.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	aflwtipping.afl 1 redirects email.mail.aflwtipping.afl aflwtipping.afl	1 MB
20	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 1025 static.adsafeprotected.com — Cisco Umbrella Rank: 851 dt.adsafeprotected.com — Cisco Umbrella Rank: 765	342 KB
16	everesttech.net 12 redirects cm.everesttech.net — Cisco Umbrella Rank: 1990 rtd-tm.everesttech.net — Cisco Umbrella Rank: 4647 sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	4 KB
13	googlesyndication.com fab7718e3d5f3f30d5d6c451d4b2d445.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169 pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	153 KB
11	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	179 KB
7	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 319 telstra.demdex.net — Cisco Umbrella Rank: 610232	10 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	42 KB
5	telstra.com.au medrx.telstra.com.au — Cisco Umbrella Rank: 412548 targeting.telstra.com.au — Cisco Umbrella Rank: 519431 infos.telstra.com.au — Cisco Umbrella Rank: 370605	26 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	275 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 242 www.google.com — Cisco Umbrella Rank: 11	117 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 626	116 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 863	517 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	114 KB
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1620	1 KB
2	amazonaws.com fgp-data.s3.ap-southeast-2.amazonaws.com	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	89 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	28 KB
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 17063	408 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	732 B
1	pubmatic.com image5.pubmatic.com — Cisco Umbrella Rank: 101869
1	tubemogul.com 1 redirects rtd.tubemogul.com — Cisco Umbrella Rank: 12317	272 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	13 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
111	24

	Domain	Requested by
21	aflwtipping.afl	aflwtipping.afl
13	sync-tm.everesttech.net	9 redirects aflwtipping.afl
12	dt.adsafeprotected.com
8	securepubads.g.doubleclick.net	medrx.telstra.com.au securepubads.g.doubleclick.net aflwtipping.afl www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	dpm.demdex.net	1 redirects aflwtipping.afl
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	static.adsafeprotected.com	pixel.adsafeprotected.com aflwtipping.afl
4	pixel.adsafeprotected.com	aflwtipping.afl
4	www.googletagmanager.com	aflwtipping.afl www.google-analytics.com
3	assets.adobedtm.com	aflwtipping.afl assets.adobedtm.com
2	www.google.com	tpc.googlesyndication.com
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	ps.eyeota.net	2 redirects
2	rtd-tm.everesttech.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	infos.telstra.com.au	aflwtipping.afl
2	fgp-data.s3.ap-southeast-2.amazonaws.com	aflwtipping.afl
2	medrx.telstra.com.au	aflwtipping.afl medrx.telstra.com.au
2	connect.facebook.net	aflwtipping.afl connect.facebook.net
2	cdn.jsdelivr.net	aflwtipping.afl
2	apis.google.com	aflwtipping.afl apis.google.com
1	www.google.com.au
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com
1	image5.pubmatic.com	aflwtipping.afl
1	rtd.tubemogul.com	1 redirects
1	cm.everesttech.net	1 redirects
1	telstra.demdex.net	aflwtipping.afl
1	fab7718e3d5f3f30d5d6c451d4b2d445.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	targeting.telstra.com.au	medrx.telstra.com.au
1	cdnjs.cloudflare.com	aflwtipping.afl
1	email.mail.aflwtipping.afl	1 redirects
0	sync.search.spotxchange.com Failed
111	37

This site contains links to these domains. Also see Links.

Domain
www.afl.com.au
womens.afl
media.telstra.com.au
www.telstra.com.au
www.telstratv.com
www.afc.com.au
www.lions.com.au
www.carltonfc.com.au
www.collingwoodfc.com.au
www.essendonfc.com.au
www.fremantlefc.com.au
www.geelongcats.com.au
www.goldcoastfc.com.au
www.gwsgiants.com.au
www.hawthornfc.com.au
www.melbournefc.com.au
www.nmfc.com.au
www.portadelaidefc.com.au
www.richmondfc.com.au
www.saints.com.au
www.sydneyswans.com.au
www.westcoasteagles.com.au
www.westernbulldogs.com.au
geniussports.com

Subject Issuer	Validity	Valid
aflwtipping.afl Trusted Secure Certificate Authority 5	`2023-04-13` - `2024-04-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-28` - `2023-09-26`	3 months	crt.sh
medrx.telstra.com.au DigiCert TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-08-15`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-02-07`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
targeting.telstra.com.au DigiCert TLS RSA SHA256 2020 CA1	`2022-10-10` - `2023-10-10`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
infos.telstra.com.au DigiCert TLS RSA SHA256 2020 CA1	`2022-09-29` - `2023-10-30`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://aflwtipping.afl/
Frame ID: 8F4AC95323F1FE2AC05458D708E36F11
Requests: 75 HTTP requests in this frame

Frame: https://fab7718e3d5f3f30d5d6c451d4b2d445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 939BD773CC7FCE19FEFA12F0B53E60B6
Requests: 1 HTTP requests in this frame

Frame: https://telstra.demdex.net/dest5.html?d_nsid=0
Frame ID: 30A85F4F4EBD8AE211DA042A40A76C58
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvdZDoNBIZpNd145Zc1qQhWh-N7h8G5ZOc5loJyz9nTbKAmP0sJ4krsgOUli7kw2AYKaGD7JPHSSvKyfn8Gmrp5VgZHxMqod5x7eJnC0cg-nZI43cB6eANFkTGV8zlJbDnsO7OytsTiXztuTtCqTANdFZwjk-tzqnJBMwEgxBok-cGlLWrZWX5JGMmk_7mW6K3G_EYEI2ODg5ZSoU-RduACNFCKnWxfaqldDMqNK4rzeNNYM90YDbvv-Y3joLE1T7lAeuxWyzVfoezj3JYo3y6fCHn0276Zg75hjo283uQYfJS00qk0eiEWUXNoeFOBYmOWMCgj00m_Q&sai=AMfl-YSI0IUN1R40PHn0wriYtCPMUSegyZwmcNwINCtXSCoUFqBFTq3WznXf-F70f2e-mL84gIJBFYVSOy5tNqwQdEy0sKFKeZQfozns7fxVb1mLFXBT9yVsZ87jps0euJtwxdJ0qGgL9y_bNR1FgrY&sig=Cg0ArKJSzOFup_OVR9zEEAE&uach_m=[UACH]&adurl=
Frame ID: 85E370CD5811C17292C388055116D53C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrYPAjdxf8Gvas160uSNFQ0sjr06VjOhVSGyHZPUMd6X5K3BMqfPmtJ5h5cw_jb5EETC0atWpBRuxQ4XK_PNC8SbQKtdyQLBvA3jX_4nv2U3EMMvyX3Jca922FnKDcPgDFvJ1I0M7EklUhxXOCAQ6GpHStF44jJhO8K1cb7kPyI0qZPOa1neUDAkzXxFqfUuHqV4NY8gmEfxmGjw0cv7OXnkFzfVHiXBLt11yHHztnBM2gSjUQ3aUXGLwrPhPe8nOLYtVW2IyCZDULzYspSz4DW2t6qnmxDdCU_nre8lZDWUwstsfdWG68KkMkf64T441DdX1o5IY2Gg&sai=AMfl-YS3vVKGnlpmHvaDfDldPjE1yczvtacdr0zDuduyy0nBINVlHWdsDJrKr4xHuxH7FF1Rtt2zRaRx_lkTzHj5KAH5PavVr8FnhRAJlPQmpXBcMwF7wgSVe1FAKavB2wtmGcQmNX24Ey8CE2SdTks&sig=Cg0ArKJSzD2Fha1kEKWwEAE&uach_m=[UACH]&adurl=
Frame ID: E423B17589C181B2F4ACB6144DED3DB4
Requests: 6 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928325&campId=300x250&pubId=5184468609&chanId=22305632486&placementId=6361331927&pubCreative=138442414761&pubOrder=3165975048&cb=241210878&adsafe_par&impId=&custom=1&custom2=true&custom3=true
Frame ID: C98A5DE3E4231D845D5AB8AB2D835885
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=928325&campId=728x90&pubId=5184468609&chanId=22305632486&placementId=6361331927&pubCreative=138442371200&pubOrder=3165975048&cb=1073159655&adsafe_par&impId=&custom=1&custom2=false&custom3=false
Frame ID: 22524759EBF24D8F2601AF20439F6A74
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67FCC66F8C1BDA44BD51C8916B0ACC60
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B60984A45680C606810C90DEDF90A3FB
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 58E694B19427FA7B6637A86A22DF8FA9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B4DFAA52E8293EAFC7BC5F7E23ED3542
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Official AFLW Tipping

Page URL History Show full URLs

http://email.mail.aflwtipping.afl/c/eJxcjrGOwyAQRL8GSmvZZTFbUFyT34iws47REdvCnE7396dEqdKN3mhG75Z4Gj2D1eSCMESgwH... HTTP 302
https://aflwtipping.afl/ Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

Marionette.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone\.marionette.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

111
Requests

88 %
HTTPS

0 %
IPv6

24
Domains

37
Subdomains

30
IPs

4
Countries

3005 kB
Transfer

7918 kB
Size

28
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.afl.com.au/
Title: afl.com.au

Search URL Search Domain Scan URL

URL: https://womens.afl/
Title: womens.afl

Search URL Search Domain Scan URL

URL: https://media.telstra.com.au/home.html
Title: Telstra

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/tv-movies-music/telstra-tv
Title: Telstra TV

Search URL Search Domain Scan URL

URL: https://www.telstratv.com/boxoffice/
Title: Telstra TV Box Office

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/tv-movies-music/foxtel-from-telstra?ref=Net-Header2-foxtel
Title: Foxtel from Telstra

Search URL Search Domain Scan URL

URL: https://media.telstra.com.au/netball.html
Title: Netball

Search URL Search Domain Scan URL

URL: https://www.afc.com.au/
Title: Adelaide Crows

Search URL Search Domain Scan URL

URL: https://www.lions.com.au/
Title: Brisbane

Search URL Search Domain Scan URL

URL: https://www.carltonfc.com.au/
Title: Carlton

Search URL Search Domain Scan URL

URL: https://www.collingwoodfc.com.au/
Title: Collingwood

Search URL Search Domain Scan URL

URL: https://www.essendonfc.com.au/
Title: Essendon

Search URL Search Domain Scan URL

URL: https://www.fremantlefc.com.au/
Title: Fremantle

Search URL Search Domain Scan URL

URL: https://www.geelongcats.com.au/
Title: Geelong

Search URL Search Domain Scan URL

URL: https://www.goldcoastfc.com.au/
Title: Gold Coast Suns

Search URL Search Domain Scan URL

URL: https://www.gwsgiants.com.au/
Title: GWS Giants

Search URL Search Domain Scan URL

URL: https://www.hawthornfc.com.au/
Title: Hawthorn

Search URL Search Domain Scan URL

URL: https://www.melbournefc.com.au/
Title: Melbourne

Search URL Search Domain Scan URL

URL: https://www.nmfc.com.au/
Title: North Melbourne

Search URL Search Domain Scan URL

URL: https://www.portadelaidefc.com.au/
Title: Port Adelaide

Search URL Search Domain Scan URL

URL: https://www.richmondfc.com.au/
Title: Richmond

Search URL Search Domain Scan URL

URL: https://www.saints.com.au/
Title: St Kilda

Search URL Search Domain Scan URL

URL: https://www.sydneyswans.com.au/
Title: Sydney Swans

Search URL Search Domain Scan URL

URL: https://www.westcoasteagles.com.au/
Title: West Coast Eagles

Search URL Search Domain Scan URL

URL: https://www.westernbulldogs.com.au/
Title: Western Bulldogs

Search URL Search Domain Scan URL

URL: https://geniussports.com/media-engagement/free-to-play-games/

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://media.telstra.com.au/terms-of-use.html
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/privacy/privacy-statement
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/terms-of-use?ref=Net-Footer-Corp-CopyTM#copyright
Title: Copyright & Trademark

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/consumer-advice/cyber-safety?ref=Net-Footer-Online-Security
Title: Online Security

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.mail.aflwtipping.afl/c/eJxcjrGOwyAQRL8GSmvZZTFbUFyT34iws47REdvCnE7396dEqdKN3mhG75Z4Gj2D1eSCMESgwHZN6JyMjFGDCE7qslf2i4L4KDcmsSUhIIG4iESCNDg_ssu8hFFmDRSNh0cudchL_e3lOMp2f2Zb09r7cRr6MngxePnoX5DewLY0577-DVPN32o8bHvr-9b2U5efOrVyX_sw7w_b0_Pm-p5dm54vO_oPAAD__0XxRNQ HTTP 302
https://aflwtipping.afl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1695086539580 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1695086539580

Request Chain 46

https://cm.everesttech.net/cm/dd?d_uuid=41603878707840466822989573336795610278 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZQj3zAAAAIB6VAM8

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE2MDM4Nzg3MDc4NDA0NjY4MjI5ODk1NzMzMzY3OTU2MTAyNzg= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDE2MDM4Nzg3MDc4NDA0NjY4MjI5ODk1NzMzMzY3OTU2MTAyNzg=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEM_5XxNCc8FH84cqUl-oegw&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 49

https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/ct/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAJ9jSiqwBU HTTP 302
https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZQj3zAAJ9jSiqwBU

Request Chain 53

https://ps.eyeota.net/match?bid=6j5b2cv&uid=41603878707840466822989573336795610278&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=41603878707840466822989573336795610278&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 66

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=ZQj3zAARWBYvSQAN

Request Chain 67

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=ZQj3zAAOKJRrvABV

Request Chain 68

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAOKONsWQBV HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQj3zAAOKONsWQBV&_test=ZQj3zAAOKONsWQBV HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQj3zAAOKONsWQBV&_test=ZQj3zAAOKONsWQBV&C=1

Request Chain 69

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAONaFciwA4

Request Chain 70

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAAAtBdOAA4 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQj3zAAAAtBdOAA4&_test=ZQj3zAAAAtBdOAA4 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZQj3zAAAAtBdOAA4&_test=ZQj3zAAAAtBdOAA4

Request Chain 71

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D&_test=ZQj3zAARV8ovSgAN

Request Chain 72

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZQj3zAAAAtBdOAA4&img=1

Request Chain 73

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZQj3zAAAAtBdOAA4&t=2592000&o=0

111 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
aflwtipping.afl/
Redirect Chain

http://email.mail.aflwtipping.afl/c/eJxcjrGOwyAQRL8GSmvZZTFbUFyT34iws47REdvCnE7396dEqdKN3mhG75Z4Gj2D1eSCMESgwHZN6JyMjFGDCE7qslf2i4L4KDcmsSUhIIG4iESCNDg_ssu8hFFmDRSNh0cudchL_e3lOMp2f2Zb09r7cRr6Mngxe...
https://aflwtipping.afl/

41 KB
7 KB

22ms
4ms

Document
text/html

18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4edbd6fbd49b1eb2e74c570f3ab35a5f6ce7d8171ee6dc81f09b6d1151f434b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 105
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-type: text/html
date: Tue, 19 Sep 2023 01:21:26 GMT
etag: W/"710a556631f9068dbda36d011e18ff18"
last-modified: Mon, 28 Aug 2023 06:26:00 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-amz-cf-id: Kw6c3wOWvr4qOwAyupOpWn5RW2TuEvnvcs_7ycSDTMWe-sebnTlAVg==
x-amz-cf-pop: SYD62-P1
x-cache: Hit from cloudfront

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Length: 414
Content-Type: text/html
Date: Tue, 19 Sep 2023 01:22:17 GMT
Location: https://aflwtipping.afl/#tipping
X-Robots-Tag: noindex
X-Xss-Protection: 1; mode=block

GET
H2 200 mobile-detect.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.1/ 36 KB
13 KB 41ms
7ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.1/mobile-detect.min.js

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

773e5bbc4fb9297bc224eb406ea65168fe8d36586ff15b997e373943bbf0e643

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1578375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12897
last-modified: Thu, 22 Jun 2023 11:09:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942be2-3261"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRLiCogypTRYmgmghY5bdKM6QpNiimPPuDg7mk6otdcIvjoVMvdky7oHousrogbWhQ%2BGrgGMb3oGMK0pZafyu2G82BIrPAFcJE58X9rr1AjoRIqneHUWC0m2mcltE%2FAnKCsWT1Ws"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 808e044d2c72a953-SYD
expires: Sun, 08 Sep 2024 01:22:17 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 18 KB
7 KB 349ms
243ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

sffe /

Resource Hash

ef3490cddd6546d2220d178658aafd1f154bb723aa66218cd2cdfca92083e413

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 01:22:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7116
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "011f8eff811a57c7"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 01:22:18 GMT

GET
H2 200 integration.css
aflwtipping.afl/telstra-furniture/resources/ver/styles/ 41 KB
8 KB 10ms
0ms Stylesheet
text/css 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/telstra-furniture/resources/ver/styles/integration.css
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38432eb021bb8945d07709a456cbac71801a3ef4a9f468fa15cabc5d6ac69312

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 15:35:50 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 00:45:29 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 35188
etag: W/"2e90561d4e745ae40e7a5c9030aa2e9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: Ql3vyWiilRX-lIfBEhigjQlRql7YDih6HAWJRRcOcNBi7aO0DK_4PQ==

GET
H2 200 launch-EN3d02652f91254186bbc3ab768d3098b9.min.js Show response
assets.adobedtm.com/ 419 KB
113 KB 718ms
102ms Script
application/x-javascript 23.77.128.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.128.136 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-128-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 494ebd34ef0d87f6106950b7cadf0de42172c7aac6baa4f09cae64642aa9325d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 04:57:59 GMT
server: AkamaiNetStorage
etag: "4206227512a61f699b632666b3c651db:1694667479.788076"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://aflwtipping.afl
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 115614
expires: Tue, 19 Sep 2023 02:22:19 GMT

GET
H2 200 lodash.min.js Show response
cdn.jsdelivr.net/npm/lodash@4.17.20/ 71 KB
27 KB 740ms
140ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lodash@4.17.20/lodash.min.js

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

babfd8947314f7a3311c4b32ddf1c6b336476acecdcc7e114250f8b4356f161c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 01:22:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2402930
x-jsd-version: 4.17.20
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27145
x-served-by: cache-fra-etou8220074-FRA, cache-bfi-kbfi7400072-BFI
x-jsd-version-type: version
etag: W/"11c65-ARsfMGdZyqzLwbd5kV92N5FX7vc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
aflwtipping.afl/css/ 288 KB
48 KB 18ms
5ms Stylesheet
text/css 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/css/style.css?1693203914538
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce9691fb566125fb7f73edf445a45cc4e34f03c68bd3483af36043b27b3288d1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:27:35 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 06:25:57 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 17683
etag: W/"888d4701fad57d3a739c406f5f653c6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: JkjyNenxUhsr_YAJH2tTvpsM9q3zFQF2uddr-7GwTcOHD6W4ioVGZA==

GET
H2 200 jquery.min.js Show response
aflwtipping.afl/js/ 95 KB
33 KB 17ms
4ms Script
application/javascript 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/js/jquery.min.js?1693203914550
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:55:17 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 06:25:58 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 19621
etag: W/"4f252523d4af0b478c810c2547a63e19"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: DMUgOpBg5RNeUrFHTdoPZGAIvrQkMFgJ_zoTc8tEQ7yPsAzTrBihPQ==

GET
H2 200 underscore-min.js Show response
aflwtipping.afl/js/ 19 KB
8 KB 18ms
6ms Script
application/javascript 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/js/underscore-min.js?1693203914554
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bc0ea4e2fe66ac337fb1863bbdb4c8f044ee4e84dbe0f0f1b3959bebfa539c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:27:35 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 06:25:58 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 17683
etag: W/"5e69b8b4c93891157f2dac3721873c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: LjiZ4WmE4BSCzPkwuPIPm_KpEfeEn5HFPa6a5PhOHSzepDRcblfy2Q==

GET
H2 200 backbone-min.js Show response
aflwtipping.afl/js/ 24 KB
8 KB 14ms
3ms Script
application/javascript 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/js/backbone-min.js?1693203914554
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38ef8a0ff6cc1b70ebe7b2cedbb66160bdb36212cfd422489025d45039c536e7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:55:17 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 06:25:57 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 19621
etag: W/"93a2e442d9ea4e6bfc6fe8789d7277f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: w9JtxQkkWj04BMtVnF4NIEXTP7vBIkC16Y5Wz2pLGGelF3Azb3y_PA==

GET
H2 200 backbone.radio.min.js Show response
aflwtipping.afl/js/ 4 KB
2 KB 18ms
8ms Script
application/javascript 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/js/backbone.radio.min.js?1693203914554
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 538112766595780425b70f99c8507f8443545733f01c69e359bac387939ca7c8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 03:34:27 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 06:25:58 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 78471
etag: W/"2118083ae3f0287a79180469f0162134"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lTqvLedAZEXfjmleuC7nGpC1n2UCCK5LigXhN40rL_7rIuTT4wKdfg==

GET
H2 200 backbone.marionette.min.js Show response
aflwtipping.afl/js/ 44 KB
12 KB 19ms
10ms Script
application/javascript 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/js/backbone.marionette.min.js?1693203914554
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ee45e444342e1d75d120cf8c95c6f6b34adc300b21d682ca586a6785a96df4c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 19:35:49 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 06:25:57 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 20803
etag: W/"e3dde54697bc3b320dc6da7081c1728a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fukSR0yg_Vdceb1xveUIyZ5jZS92jnzMCjc1yQTgo_M-YBuKPb7WXw==

GET
H2 200 app.min.js Show response
aflwtipping.afl/js/ 909 KB
201 KB 18ms
9ms Script
application/javascript 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/js/app.min.js?1693203924034
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e2368f7a9d9f985a4bc3cfd86a172b09639d100b67893db8059a52d69e81ff4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:27:35 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 06:25:57 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 17683
etag: W/"54eb647704eb41dd0b99cde51e6d8a58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: wFqPqGPZDyALksidcNJuhMSXtx_paQoWb0pbw1Dehb7quu5ZsmQU4Q==

GET
H2 200 polyfill.min.js Show response
cdn.jsdelivr.net/npm/promise-polyfill@7/dist/ 3 KB
1 KB 778ms
182ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/promise-polyfill@7/dist/polyfill.min.js

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

17d313a7567c497811d486bfe7dd1344f472ea31632f5cd896b2be200aef57d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 01:22:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 8714
x-jsd-version: 7.1.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1208
x-served-by: cache-fra-eddf8230037-FRA, cache-bfi-kbfi7400072-BFI
x-jsd-version-type: version
etag: W/"bfa-j3ZPJGcId2v4PTx9nnK3etUo4is"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 telstra-image.jpg
aflwtipping.afl/telstra-furniture/resources/ver/i/elements/ 15 KB
16 KB 4ms
2ms Image
image/jpeg 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aflwtipping.afl/telstra-furniture/resources/ver/i/elements/telstra-image.jpg
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88f9322f5e1ad8e3ff4e37ec0f51d43bd92294f5f84f966bde87eed9e42bc259

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:05:33 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 00:45:17 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 83806
etag: "f2c35b04f1378a99f49a171dea83be9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 15763
x-amz-cf-id: 6fVemjJKT4MleqopKWWUTcGCFaL5N5e567csypZC-0CpaURjz2U_vQ==

GET
H2 200 telstra-bar.min.js Show response
aflwtipping.afl/telstra-furniture/resources/ver/scripts/ 1 KB
964 B 4ms
3ms Script
application/javascript 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/telstra-furniture/resources/ver/scripts/telstra-bar.min.js
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d723548c0a900125b976a47c7aaef1ba807b73b9bfa2bab01f4b08c73526e4e5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 12:55:16 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 00:45:29 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 45237
etag: W/"6ec78eaccf24b49ca2b47ada055ccb81"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: C22eYwijKPhO-tuES4ztZ0LZ6NzRDEDN6uBQGmsHTMeoFZNRtFCKWw==

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IoxrLNdlTyI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9N48n3oloz8UTxoCozKcpUKaADkg/ 317 KB
109 KB 5ms
3ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IoxrLNdlTyI.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9N48n3oloz8UTxoCozKcpUKaADkg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f14.1e100.net

Software

sffe /

Resource Hash

540d761da5c806e5b6ea6ab8f163cbbe93fe1e72f324c5ed0f92be7c138340a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 05:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110636
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 15:23:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Sep 2024 05:30:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
59 KB 506ms
107ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3TT97S&l=dataLayerClubs

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

13ddb12969451cc85022349c1c512a94977467e8e73ea4b10c7487da301c6245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59738
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Sep 2023 01:22:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 143 KB
54 KB 600ms
200ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NV5VXWQ

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

40d133fb25eb94e23842f47827ea4ecabbc0f5ef9443610aca3846e0733fb313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55599
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Sep 2023 01:22:19 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 309ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

5d6332b7f91554f90e5f18696cef398c01c82bc3126753361829bb6777beb5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 01:22:18 GMT
content-md5: iI8d7+4HyWf65hsQLP3wsA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-debug: b3OkyhJ0PNnohT0QoAwVa9OpBlpbT4IRqFMJzlcN4RRseV3ZSK9FRrkxoBrtaVdz++Te0BiT28IU2bKsWcClTA==
x-fb-content-md5: 4a87bfc1afbb283938bdce5d67116f8b
cross-origin-opener-policy: same-origin-allow-popups
etag: "28c4d311019b17e7b53565ba166e19a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 19 Sep 2023 01:24:26 GMT

GET
H2 200 icons.svg
aflwtipping.afl/telstra-furniture/resources/ver/i/svg-output/ 2 MB
847 KB 4ms
3ms Other
image/svg+xml 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/telstra-furniture/resources/ver/i/svg-output/icons.svg
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 086370e43bcb573a75d988f0c1e715dee7e8f928bda5322243f982542d53deb8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:35:17 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 00:45:29 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 17222
etag: W/"ea999179e4807518ff74585d1237dd41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: D-0yeIM4_QgpcTGiKVIYRwqL5Yb1z6MH_ZWCKXaqPIMQ9adIPmXpuw==

GET
H/1.1 200
OK lib.js Show response
medrx.telstra.com.au/tmaf/ 18 KB
19 KB 71ms
3ms Script
text/javascript 13.35.147.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://medrx.telstra.com.au/tmaf/lib.js
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-90.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14663a3520b1d6e90d54d41e8667827f314498537acc7048398c920db9c436c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Mon, 18 Sep 2023 16:17:30 GMT
Via: 1.1 53c1b15bee05a74bbf23a945358028ec.cloudfront.net (CloudFront)
Last-Modified: Tue, 08 Aug 2023 02:59:02 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SYD1-C1
Age: 32689
ETag: "9f00ce74f39eb0eefb9581efdd01b5c3"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18649
X-Amz-Cf-Id: IuFP0ICr3woCdk9yr6CEq8X4GXAGWu0VxMup0xRM1bj_zmFtRzwCgQ==

GET
H2 200 antennacond-regular-webfont.woff
aflwtipping.afl/fonts/antenna_cond/regular/ 31 KB
32 KB 7ms
5ms Font
font/woff 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/fonts/antenna_cond/regular/antennacond-regular-webfont.woff
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/css/style.css?1693203914538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efd6c5b8ae25cac0cc1fc8c67e2caa8dea421d5a70f543fbed268bdc996871be

Request headers

Referer: https://aflwtipping.afl/css/style.css?1693203914538
Origin: https://aflwtipping.afl
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 22:53:57 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 8902
x-cache: Hit from cloudfront
content-length: 32136
last-modified: Fri, 16 Jun 2023 00:44:55 GMT
server: AmazonS3
etag: "5b9157acc9a294a4bc9d729474f1050d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://aflwtipping.afl
vary: Accept-Encoding,Origin
access-control-allow-credentials: true
x-amz-cf-id: p7nudUkl0rHFjQDCCiA_A16n8vVe5iks607JM0yoAWoUEQzyRnDJdA==

GET
H2 200 TitilliumWeb-Bold.ttf
aflwtipping.afl/telstra-furniture/resources/ver/fonts/ 59 KB
30 KB 7ms
6ms Font
font/ttf 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/telstra-furniture/resources/ver/fonts/TitilliumWeb-Bold.ttf
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/telstra-furniture/resources/ver/styles/integration.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 794cb1239d5d6a1da0cbced1fe93aeb0fc78a68f51e9f1b5811241205e708380

Request headers

Referer: https://aflwtipping.afl/telstra-furniture/resources/ver/styles/integration.css
Origin: https://aflwtipping.afl
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 21:25:16 GMT
content-encoding: gzip
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 14330
x-cache: Hit from cloudfront
last-modified: Fri, 16 Jun 2023 00:45:14 GMT
server: AmazonS3
etag: W/"c0ed298b76c18ff87ff9c915d85ed632"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: https://aflwtipping.afl
vary: Accept-Encoding,Origin
access-control-allow-credentials: true
x-amz-cf-id: v9JGJCwHU0nnvpkm-H8TrUvPD2ilEk9DtdIZxN-M8QSS1RJv8H8jCQ==

GET
H/1.1 200
OK notification-bar.json Show response
fgp-data.s3.ap-southeast-2.amazonaws.com/json/aflw_aflw_tipping/ 286 B
975 B 46ms
33ms XHR
application/json 52.95.130.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fgp-data.s3.ap-southeast-2.amazonaws.com/json/aflw_aflw_tipping/notification-bar.json?_=1695086538605
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/js/jquery.min.js?1693203914550
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.130.158 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ecb5e7c04c8457900d29cd8a89079e7881065fc0dc9ec5ac427db987e9c1aaf0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://aflwtipping.afl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 19 Sep 2023 01:22:19 GMT
x-amz-version-id: PxA7B7PruljsFhbau_t9Ux7fBwh5o3F9
x-amz-request-id: 5J3T0ZEXDZR860C4
x-amz-server-side-encryption: AES256
Content-Length: 286
x-amz-id-2: ZIKnJbgyzV6MFULJ8jQTCh5kQ37SjsYpFIZfCGMyrYh8u4psXSx53rkAQ9wMWNlNZSpkwdzwWEA=
Last-Modified: Wed, 09 Aug 2023 03:06:09 GMT
Server: AmazonS3
ETag: "8020ace75e3377ada54f4aeefe370a90"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://aflwtipping.afl
Content-Type: application/json
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H/1.1 200
OK banner.json Show response
fgp-data.s3.ap-southeast-2.amazonaws.com/json/aflw_aflw/ 190 B
886 B 45ms
38ms XHR
application/json 52.95.130.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fgp-data.s3.ap-southeast-2.amazonaws.com/json/aflw_aflw/banner.json?_=1695086538610
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/js/jquery.min.js?1693203914550
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.130.158 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3497e12151dc33c866086a46a0b8277940885fb377e281960887f2497f27e63b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://aflwtipping.afl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 19 Sep 2023 01:22:19 GMT
Content-Encoding: gzip
x-amz-version-id: iTP_1W6NTbfzDpD7boYHZnD3pL7XdFTl
x-amz-request-id: 5J3JF64FJP7HZ9JZ
x-amz-server-side-encryption: AES256
Content-Length: 173
x-amz-id-2: 35bF09Pwy9qCnSwvD/kV1WgFDklkrd3osDjSXqpV6Qh9OcAOx9UWlFf4BtMPCzzCRAESLzcNHRI=
Last-Modified: Wed, 09 Aug 2023 03:05:57 GMT
Server: AmazonS3
ETag: "8a79d77bb7e08f7743c61a4c9f36dca4"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://aflwtipping.afl
Content-Type: application/json
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H2 200 logo.png
aflwtipping.afl/img/aflw-aflw-tipping/ 22 KB
23 KB 2ms
2ms Image
image/png 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aflwtipping.afl/img/aflw-aflw-tipping/logo.png
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28a66e4c9b6a66bb4c8a81ca6a02978dba2f655703cd7ae1abe46698771e16d4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:35:16 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Tue, 08 Aug 2023 10:49:57 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 17595
etag: "1327b92d520fa89773926ae1cb94b947"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 22714
x-amz-cf-id: abgFnhFfDCdaDb_Ddzq1B_GnGV5KMvg6Ju22OtDkjbQRT1EE39AwYw==

GET
H2 200 cryptocom.png
aflwtipping.afl/img/aflw-aflw-tipping/ 16 KB
16 KB 3ms
3ms Image
image/png 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aflwtipping.afl/img/aflw-aflw-tipping/cryptocom.png
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04f974702a679bc878de6e330ebc33ba79cbf1ab446d41e73d8e8d78a6d35661

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:05:17 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Tue, 08 Aug 2023 10:49:57 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 44222
etag: "ecbf228dee07c048d2a2a4950cdf7e20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 16153
x-amz-cf-id: ormuxy3tNoZ6yxHYqb4UhPD5UQn1q8HM0LPlT09TWC5xhSa7kDchdg==

GET
H2 200 AFLW_2023.gif
aflwtipping.afl/img/aflw-aflw-tipping/ 61 KB
62 KB 3ms
3ms Image
image/gif 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aflwtipping.afl/img/aflw-aflw-tipping/AFLW_2023.gif
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86547d94886aa32ac5bda7aead234af93d545dd491b95ccb3d952d80dd0ad544

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 21:05:16 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:57:23 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 15498
etag: "36f6abcc0b300347dcd2d334c0978e49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
content-length: 62778
x-amz-cf-id: HReU51y2CGwiNwWuo00fNHAycukJqm8fjVXBXHPY4Q5R0QjKLp_mgg==

GET
H2 200 AntennaComp-RegularItalic.woff
aflwtipping.afl/fonts/antenna_comp/regular-italic/ 21 KB
22 KB 3ms
2ms Font
font/woff 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/fonts/antenna_comp/regular-italic/AntennaComp-RegularItalic.woff
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/css/style.css?1693203914538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a331b5bfa8889493c0c4f7ce1a62790adcc5f4446418ab05c2789aaeaa2c34d5

Request headers

Referer: https://aflwtipping.afl/css/style.css?1693203914538
Origin: https://aflwtipping.afl
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 13:55:17 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 41222
x-cache: Hit from cloudfront
content-length: 21716
last-modified: Fri, 16 Jun 2023 00:44:54 GMT
server: AmazonS3
etag: "15073d727850cf5a020ed6995f0ab750"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://aflwtipping.afl
vary: Accept-Encoding,Origin
access-control-allow-credentials: true
x-amz-cf-id: j2X--Yj7WbqH8AMAkvpDTFQDhW-l9AYOlNivepPi9zYxqe9Xs0PiPQ==

GET
H2 200 AntennaComp-Black.woff
aflwtipping.afl/fonts/antenna_comp/black/ 18 KB
19 KB 3ms
3ms Font
font/woff 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/fonts/antenna_comp/black/AntennaComp-Black.woff
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/css/style.css?1693203914538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f151596a10740409beba2a95e9065f7998ec56e1f1338429ef9cbc655b96770

Request headers

Referer: https://aflwtipping.afl/css/style.css?1693203914538
Origin: https://aflwtipping.afl
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 15:15:33 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 36602
x-cache: Hit from cloudfront
content-length: 18668
last-modified: Fri, 16 Jun 2023 00:44:54 GMT
server: AmazonS3
etag: "2364db5962212af6b910b1b48d18bffa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://aflwtipping.afl
vary: Accept-Encoding,Origin
access-control-allow-credentials: true
x-amz-cf-id: 98LgTtl0zCDXQfwmsYZIhromBTyT75BysQcOqxl6RzdCSYzllqDYnQ==

GET
H2 200 fontawesome-webfont.woff2
aflwtipping.afl/fonts/font_awesome/ 75 KB
76 KB 3ms
3ms Font
font/woff2 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/fonts/font_awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/css/style.css?1693203914538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://aflwtipping.afl/css/style.css?1693203914538
Origin: https://aflwtipping.afl
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 20:45:17 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 16874
x-cache: Hit from cloudfront
content-length: 77160
last-modified: Fri, 16 Jun 2023 00:44:57 GMT
server: AmazonS3
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://aflwtipping.afl
vary: Accept-Encoding,Origin
access-control-allow-credentials: true
x-amz-cf-id: dVkdB6csFbPRXK9vdSIZtTUitc7s8OIyMI_AX3cv8D5iw_j7yJRh6A==

GET
H2 200 antennacond-bold-webfont.woff
aflwtipping.afl/fonts/antenna_cond/bold/ 31 KB
32 KB 4ms
4ms Font
font/woff 18.67.93.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aflwtipping.afl/fonts/antenna_cond/bold/antennacond-bold-webfont.woff
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/css/style.css?1693203914538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-125.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f5f53c8f341574d73ffdbf46f0137886d4d98b6176864354a2d6e93987b75ff

Request headers

Referer: https://aflwtipping.afl/css/style.css?1693203914538
Origin: https://aflwtipping.afl
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 21:25:16 GMT
via: 1.1 1d3e75fe2262e8a6f4a318b2bf3e6570.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 14330
x-cache: Hit from cloudfront
content-length: 31932
last-modified: Fri, 16 Jun 2023 00:44:54 GMT
server: AmazonS3
etag: "3a6d9f9bf6b761280374d79525bb52d9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://aflwtipping.afl
vary: Accept-Encoding,Origin
access-control-allow-credentials: true
x-amz-cf-id: Pw0_gJ7Mak-qehgJ_sjrLL9CZqDAejmagyewdYWCzghsjjqyZXpNwA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 838ms
433ms Script
text/javascript 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: medrx.telstra.com.au
URL: https://medrx.telstra.com.au/tmaf/lib.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

f5eff6b2680841d9f1ac2f817c78055071d66c4679c39e882848c799d9664a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29303
x-xss-protection: 0
server: cafe
etag: 2 / 19619 / m202309140101 / config-hash: 18056494581295180835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 01:22:19 GMT

GET
H/1.1 200
OK online.php Show response
targeting.telstra.com.au/ 22 B
565 B 130ms
22ms Script
application/javascript 52.64.114.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.telstra.com.au/online.php?cb=_telstra_cb_0

Requested by

Host: medrx.telstra.com.au
URL: https://medrx.telstra.com.au/tmaf/lib.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.64.114.26 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-114-26.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

b95293a8046c49f0647f4f03e3d554513cad1528d287ca3b5d071ee0049c6cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 01:22:18 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: PHP/7.1.33
X-Cache: MISS from medrx.telstra.com.au
Content-Type: application/javascript
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 22

GET
H/1.1 200
OK afl.js Show response
medrx.telstra.com.au/tmaf/publisher/ 5 KB
6 KB 2ms
2ms Script
text/javascript 13.35.147.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://medrx.telstra.com.au/tmaf/publisher/afl.js
Requested by: Host: medrx.telstra.com.au
URL: https://medrx.telstra.com.au/tmaf/lib.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-90.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3673b96f1861ecf40bc6759993a52b55992449cc96597bbc41dea79932d7ef2c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Mon, 18 Sep 2023 16:23:15 GMT
Via: 1.1 53c1b15bee05a74bbf23a945358028ec.cloudfront.net (CloudFront)
Last-Modified: Tue, 08 Aug 2023 02:59:03 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SYD1-C1
Age: 32343
x-amz-server-side-encryption: AES256
ETag: "7af1cef0cd55115c9fc35f1a210737ec"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5543
X-Amz-Cf-Id: A4Sf2-8b7-cs8k4aYBBuaxRSy6PK9dZ7Spx0SLbBzibSwwiczvzXMw==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
87 KB 307ms
2ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=235703272b4ab8bc132af5975264edb5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

d049678c37346aa4f3c4f603dd59ee599c416e0750ffbd61ccc38e7ce5fc1535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://aflwtipping.afl/
Origin: https://aflwtipping.afl
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 01:22:19 GMT
content-md5: MqE6ZE8YQP1NU+309BY7ZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88121
x-fb-debug: W6iyptfBFfiC1jsSMmY8HR4Thdz+eYNKE9hehbld4Pme6rY+yP2i9/Am0ZVt+2wtpazP0qa9soZa1uzqI+9r+A==
x-fb-content-md5: c99bb8d85275ffd4c82ad4d314c94ce9
cross-origin-opener-policy: same-origin-allow-popups
etag: "9e4ca169c57131c842824e6f2ed48ae2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 17 Sep 2024 23:08:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 401ms
2ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV5VXWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 00:11:20 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4259
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 19 Sep 2023 02:11:20 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1695086539580
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1695086539580

3 KB
2 KB

5ms
5ms

XHR
application/json

13.54.169.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1695086539580

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

HTTP/1.1

Server

13.54.169.41 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-54-169-41.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

80836f2faf10947b9a0ccd04006d82ac96a35403e5622b912a48c613167b17fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

DCS: dcs-prod-apse2-2-v049-0c9414ca6.edge-apse2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: +nH8APiURq8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://aflwtipping.afl
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1153
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-apse2-1-v049-09f2a53ec.edge-apse2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WTMiU5NzTtQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://aflwtipping.afl
Location: https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1695086539580
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 RCdc744eff900347c9b36173e12cb9cf1c-source.min.js Show response
assets.adobedtm.com/475abcba9222/385343287bec/33814d1f3c8c/ 4 KB
2 KB 180ms
179ms Script
application/x-javascript 23.77.128.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/475abcba9222/385343287bec/33814d1f3c8c/RCdc744eff900347c9b36173e12cb9cf1c-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.128.136 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-128-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f7a07b9822f319cc41cf79d6944ee1034fb9f91bdea46a1700abfa946279ed17

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 04:58:00 GMT
server: AkamaiNetStorage
etag: "83c17e39b5bb21536cd5c3daf7067d6a:1694667480.6285"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://aflwtipping.afl
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1541
expires: Tue, 19 Sep 2023 02:22:19 GMT

GET
H2 200 RC9dba59e3374a4d799c917d194382343d-source.min.js Show response
assets.adobedtm.com/475abcba9222/385343287bec/33814d1f3c8c/ 707 B
697 B 191ms
190ms Script
application/x-javascript 23.77.128.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/475abcba9222/385343287bec/33814d1f3c8c/RC9dba59e3374a4d799c917d194382343d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.77.128.136 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-128-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6b2061ad9612c64094d81dd0d32914ae0a64ba8f6573b63eb4bbb128e71b1c2f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 04:58:00 GMT
server: AkamaiNetStorage
etag: "83c17e39b5bb21536cd5c3daf7067d6a:1694667480.6285"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://aflwtipping.afl
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 442
expires: Tue, 19 Sep 2023 02:22:19 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/ 409 KB
129 KB 3ms
2ms Script
text/javascript 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 12:10:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47484
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131810
x-xss-protection: 0
server: cafe
etag: 9411153894055172020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 17 Sep 2024 12:10:55 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
791 B 194ms
194ms Fetch
text/plain 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2330512442957548&correlator=1224174145462585&eid=31078015&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&iu_parts=7414%2CTEL.AFL%2CWomensTipping&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C1x1%2C5x1%2C4x1&ifi=1&sfv=1-0-40&ists=4&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695086539656&lmt=1693175160&adxs=0%2C0%2C0%2C0&adys=0%2C0%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faflwtipping.afl%2F%23login&vis=1&psz=1600x1296%7C1600x1296%7C1600x1296%7C1600x1296&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1059035955.1695086540&ga_sid=1695086540&ga_hid=1111484631&ga_fc=false&dlt=1695086537747&idt=1881&prev_scp=position%3DBLW1%26above%3Dfalse%26index%3D1%26in_view%3Dfalse%7C%7Cposition%3DBLW1%26above%3Dfalse%26index%3D1%26in_view%3Dfalse%7Cposition%3DBLW1%26above%3Dfalse%26index%3D1%26in_view%3Dfalse&cust_params=area%3DWomensTipping%26title%3DOfficial%2520AFLW%2520Tipping%26device%3Ddesktop%26keyword%3Daftesting%26bettingOdds%3Dfalse%26excl_cat%3DTelecomms%252CPorn%252CGambling%252CMedia%252CCasino%252CMotor_Vehicles%252CBetting%252CFinance%252CAlcoholic_Beverages%252CFMCG%252CEntertainment_Leisure%252CInsurance%252C2849_Telstra&adks=3545889344%2C932936408%2C760456913%2C2158950843&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

45a10e8c649a166b1cd9252ff40867eee53e0b0572446a69daecbf5644547a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 377
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aflwtipping.afl
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 83 KB
18 KB 223ms
222ms Fetch
text/plain 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2330512442957548&correlator=3198662666486494&eid=31078015&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&iu_parts=7414%2CTEL.AFL%2CWomensTipping&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=300x250%2C728x90%2C300x50&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695086539664&lmt=1693175160&adxs=1045%2C436%2C-12245933&adys=521%2C1244%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C-1&ucis=5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Faflwtipping.afl%2F%23login&vis=1&psz=300x271%7C1600x0%7C0x0&msz=300x250%7C728x90%7C0x0&fws=132%2C132%2C132&ohw=1600%2C1600%2C1600&ga_vid=1059035955.1695086540&ga_sid=1695086540&ga_hid=1111484631&ga_fc=false&dlt=1695086537747&idt=1881&prev_scp=position%3DABV1%26above%3Dtrue%26index%3D1%26in_view%3Dtrue%7Cposition%3DBLW1%26above%3Dfalse%26index%3D1%26in_view%3Dfalse%7Cposition%3DABV1%26above%3Dtrue%26index%3D1%26in_view%3Dtrue&cust_params=area%3DWomensTipping%26title%3DOfficial%2520AFLW%2520Tipping%26device%3Ddesktop%26keyword%3Daftesting%26bettingOdds%3Dfalse%26excl_cat%3DTelecomms%252CPorn%252CGambling%252CMedia%252CCasino%252CMotor_Vehicles%252CBetting%252CFinance%252CAlcoholic_Beverages%252CFMCG%252CEntertainment_Leisure%252CInsurance%252C2849_Telstra&adks=1587389424%2C1008475350%2C1646442775&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

cbbccf5dfdd859dd13ec0b15287b4b5520f8114fd6c44dfe27d9e63dac3c6aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18677
x-xss-protection: 0
google-lineitem-id: 6361331927,6361331927,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138442414761,138442371200,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aflwtipping.afl
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fab7718e3d5f3f30d5d6c451d4b2d445.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 939B 6 KB
3 KB 505ms
100ms Document
text/html 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fab7718e3d5f3f30d5d6c451d4b2d445.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f33.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aflwtipping.afl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 01:22:20 GMT
expires: Wed, 18 Sep 2024 01:22:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dest5.html Show response
telstra.demdex.net/ Frame 30A8 7 KB
3 KB 32ms
4ms Document
text/html 3.106.101.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://telstra.demdex.net/dest5.html?d_nsid=0

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.106.101.175 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-106-101-175.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://aflwtipping.afl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-apse2-1-v049-080d796e6.edge-apse2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nP+ogGu1Qnc=
content-encoding: gzip
date: Tue, 19 Sep 2023 01:22:19 GMT
last-modified: Wed, 28 Jun 2023 12:50:08 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
infos.telstra.com.au/ 48 B
460 B 16ms
5ms XHR
application/x-javascript 63.140.56.123
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://infos.telstra.com.au/id?d_visid_ver=2.1.0&d_fieldgroup=A&mcorgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&mid=41748403463690041762968347733800790124&ts=1695086539735

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.56.123 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-56-123.data.adobedc.net

Software

jag /

Resource Hash

b5a53acfad8a260ea883f7ddda764f0bdc8dd0194affbbd280c7415f852b66d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aflwtipping.afl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://aflwtipping.afl
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZQj3zAAAAIB6VAM8
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=41603878707840466822989573336795610278
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZQj3zAAAAIB6VAM8

42 B
944 B

6ms
5ms

Image
image/gif

13.54.169.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZQj3zAAAAIB6VAM8

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

HTTP/1.1

Server

13.54.169.41 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-54-169-41.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

DCS: dcs-prod-apse2-2-v049-0eb2f7f36.edge-apse2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QimVcy6TSqE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZQj3zAAAAIB6VAM8
Date: Tue, 19 Sep 2023 01:22:20 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEM_5XxNCc8FH84cqUl-oegw&google_cver=1
dpm.demdex.net/ Frame 30A8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE2MDM4Nzg3MDc4NDA0NjY4MjI5ODk1NzMzMzY3OTU2MTAyNzg=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDE2MDM4Nzg3MDc4NDA0NjY4MjI5ODk1NzMzMzY3OTU2MTAyNzg=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEM_5XxNCc8FH84cqUl-oegw&google_cver=1?gdpr=0&gdpr_consent=

42 B
944 B

4ms
4ms

Image
image/gif

13.54.169.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEM_5XxNCc8FH84cqUl-oegw&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

HTTP/1.1

Server

13.54.169.41 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-54-169-41.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

DCS: dcs-prod-apse2-2-v049-06c430ce2.edge-apse2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: W6hld6RZRho=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEM_5XxNCc8FH84cqUl-oegw&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s27231856969006
infos.telstra.com.au/b/ss/telstrabpbigpondprd,telstrabpaflprd/1/JS-2.1.0/ 43 B
201 B 7ms
7ms Image
image/gif 63.140.56.123
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infos.telstra.com.au/b/ss/telstrabpbigpondprd,telstrabpaflprd/1/JS-2.1.0/s27231856969006?AQB=1&ndh=1&pf=1&t=19%2F8%2F2023%209%3A22%3A19%202%20-480&mid=41748403463690041762968347733800790124&aamlh=8&ce=UTF-8&ns=bigpond&cdp=2&pageName=BP%3AAFL%3AAFL-Womens-Tipping%3Ahome%3Alogin&g=https%3A%2F%2Faflwtipping.afl%2F%23login&c.&getPercentPageViewed=5.1&pageName=BP%3AAFL%3AAFL-Womens-Tipping%3Ahome%3Alogin&s_mid=41748403463690041762968347733800790124&s_getLoadTime=12&.c&ch=AFL-Womens-Tipping&events=event27%2Cevent40&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=BP&v1=BP&h1=BP%7CSport%7CAFL%7CAFL-Womens-Tipping%7Chome%7Clogin&c2=Sport&v2=Sport&c3=AFL&v3=AFL&c4=home&v4=AFL-Womens-Tipping&c5=login&v5=home&v15=login&c17=Launch%20PublishDate%3A2023-09-14T04%3A57%3A33Z%20%7C%20sCode%20version%3A2.1.0&v26=AFL&c33=11%3A00AM&c34=Tuesday&c35=Weekday&v40=11%3A00AM&v41=Tuesday&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&AQE=1

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.56.123 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-56-123.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 20 Sep 2023 01:22:19 GMT
server: jag
etag: 3640170626409725952-4617907035383563292
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 18 Sep 2023 01:22:19 GMT

GET
H/1.1

200
OK

ibs:dpid=782&dpuuid=ZQj3zAAJ9jSiqwBU
dpm.demdex.net/ Frame 30A8
Redirect Chain

https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
https://rtd-tm.everesttech.net/ct/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAJ9jSiqwBU
https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZQj3zAAJ9jSiqwBU

42 B
944 B

5ms
5ms

Image
image/gif

13.54.169.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZQj3zAAJ9jSiqwBU

Protocol

HTTP/1.1

Server

13.54.169.41 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-54-169-41.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

DCS: dcs-prod-apse2-1-v049-010f1b80e.edge-apse2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 79v+6LjNTQE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1695086541.568599,VS0,VE68
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZQj3zAAJ9jSiqwBU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
221 B 98ms
98ms XHR
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1111484631&t=pageview&_s=1&dl=https%3A%2F%2Faflwtipping.afl%2F&dp=%2F%23login&ul=en-us&de=UTF-8&dt=Official%20AFLW%20Tipping&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=2016419833&gjid=365387752&cid=1059035955.1695086540&tid=UA-47034296-59&_gid=336531886.1695086540&_r=1&_slc=1&gtm=45He39d0n81NV5VXWQ&z=1465183246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

f600c9e54db57e24bdf8ed132aa09da7f83f4490fe02b16b0ddfcb4f18e1d03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aflwtipping.afl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aflwtipping.afl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 99ms
99ms XHR
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

bea482d28ebbfeacd9944fb03e5449213b6d5ab84501491fb57d389261e58f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aflwtipping.afl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aflwtipping.afl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 500 usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 30A8 0
0 826ms
467ms Image
text/html 23.215.59.10
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.59.10 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-59-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 30A8
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=41603878707840466822989573336795610278&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=41603878707840466822989573336795610278&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
962 B

3ms
3ms

Image
image/gif

13.54.169.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

HTTP/1.1

Server

13.54.169.41 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-54-169-41.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

DCS: dcs-prod-apse2-1-v049-07d2e2e7d.edge-apse2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: pGcZrTqERgk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 303,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Tue, 19 Sep 2023 01:22:19 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 85E3 0
0 141ms
140ms Fetch
image/gif 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvdZDoNBIZpNd145Zc1qQhWh-N7h8G5ZOc5loJyz9nTbKAmP0sJ4krsgOUli7kw2AYKaGD7JPHSSvKyfn8Gmrp5VgZHxMqod5x7eJnC0cg-nZI43cB6eANFkTGV8zlJbDnsO7OytsTiXztuTtCqTANdFZwjk-tzqnJBMwEgxBok-cGlLWrZWX5JGMmk_7mW6K3G_EYEI2ODg5ZSoU-RduACNFCKnWxfaqldDMqNK4rzeNNYM90YDbvv-Y3joLE1T7lAeuxWyzVfoezj3JYo3y6fCHn0276Zg75hjo283uQYfJS00qk0eiEWUXNoeFOBYmOWMCgj00m_Q&sai=AMfl-YSI0IUN1R40PHn0wriYtCPMUSegyZwmcNwINCtXSCoUFqBFTq3WznXf-F70f2e-mL84gIJBFYVSOy5tNqwQdEy0sKFKeZQfozns7fxVb1mLFXBT9yVsZ87jps0euJtwxdJ0qGgL9y_bNR1FgrY&sig=Cg0ArKJSzOFup_OVR9zEEAE&uach_m=[UACH]&adurl=

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 01:22:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230914/r20110914/client/ Frame 85E3 3 KB
1 KB 256ms
4ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230914/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f33.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 15:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 15:22:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85E3 182 KB
57 KB 514ms
114ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 01:22:20 GMT

GET
H2 200 5569173154515845424
tpc.googlesyndication.com/simgad/ Frame 85E3 54 KB
54 KB 259ms
9ms Image
image/gif 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5569173154515845424

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f33.1e100.net

Software

sffe /

Resource Hash

eb0b71aab5b5cca3fde029157ef638663160e1b82bbf15c8e8d72b1ee57a5dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:21 GMT
x-content-type-options: nosniff
age: 361319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55380
x-xss-protection: 0
last-modified: Fri, 05 May 2023 01:38:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Sep 2024 21:00:21 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E423 0
0 140ms
140ms Fetch
image/gif 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrYPAjdxf8Gvas160uSNFQ0sjr06VjOhVSGyHZPUMd6X5K3BMqfPmtJ5h5cw_jb5EETC0atWpBRuxQ4XK_PNC8SbQKtdyQLBvA3jX_4nv2U3EMMvyX3Jca922FnKDcPgDFvJ1I0M7EklUhxXOCAQ6GpHStF44jJhO8K1cb7kPyI0qZPOa1neUDAkzXxFqfUuHqV4NY8gmEfxmGjw0cv7OXnkFzfVHiXBLt11yHHztnBM2gSjUQ3aUXGLwrPhPe8nOLYtVW2IyCZDULzYspSz4DW2t6qnmxDdCU_nre8lZDWUwstsfdWG68KkMkf64T441DdX1o5IY2Gg&sai=AMfl-YS3vVKGnlpmHvaDfDldPjE1yczvtacdr0zDuduyy0nBINVlHWdsDJrKr4xHuxH7FF1Rtt2zRaRx_lkTzHj5KAH5PavVr8FnhRAJlPQmpXBcMwF7wgSVe1FAKavB2wtmGcQmNX24Ey8CE2SdTks&sig=Cg0ArKJSzD2Fha1kEKWwEAE&uach_m=[UACH]&adurl=

Requested by

Host: aflwtipping.afl
URL: https://aflwtipping.afl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 01:22:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230914/r20110914/client/ Frame E423 3 KB
2 KB 247ms
3ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230914/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f33.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 15:22:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 15:22:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E423 182 KB
57 KB 616ms
225ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 01:22:20 GMT

GET
H2 200 16922941011234968252
tpc.googlesyndication.com/simgad/ Frame E423 53 KB
54 KB 248ms
5ms Image
image/png 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16922941011234968252

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f33.1e100.net

Software

sffe /

Resource Hash

4cf543c9879fa60c8181eb2b8d559816da0c36c512be59a8ea0f83f790ded03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 03:43:57 GMT
x-content-type-options: nosniff
age: 509903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54593
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 00:56:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Sep 2024 03:43:57 GMT

GET
DATA 200
OK truncated
/ Frame 85E3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57c5ce95f3633ee250b1450c33742d915650dd34fb1f04b22513480f7637982b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E423 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57b035a54972d937aa5e7fdf28b85b2737cc11c04fc94e5e8cdd81b4317a0fc9

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 111ms
110ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RJZGPPZRLX&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

9b55e117eb675671c147b92d2e15c1e9008f64a9e42ea3882ae60266411d333d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Sep 2023 01:22:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 115ms
115ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N3FPSGWD3Z&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f40.1e100.net

Software

Google Tag Manager /

Resource Hash

d5c867a4ed52b164aa1c10ac38fe5ed03f038e00e2a2754e16d8b81b23b31e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Sep 2023 01:22:19 GMT

GET
H2

200

5w3jqr4k
sync-tm.everesttech.net/ct/upi/pid/ Frame 30A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...

85 B
170 B

151ms
151ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=ZQj3zAARWBYvSQAN
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 852
x-timer: S1695086541.564740,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 2597

Redirect headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1695086540.310059,VS0,VE66
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=ZQj3zAARWBYvSQAN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

btu4jd3a
sync-tm.everesttech.net/ct/upi/pid/ Frame 30A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=ZQj3zAAOKJRrvABV

85 B
168 B

152ms
152ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=ZQj3zAAOKJRrvABV
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 852
x-timer: S1695086541.566032,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 2599

Redirect headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1695086540.310428,VS0,VE68
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=ZQj3zAAOKJRrvABV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 30A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAOKONsWQBV
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQj3zAAOKONsWQBV&_test=ZQj3zAAOKONsWQBV
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQj3zAAOKONsWQBV&_test=ZQj3zAAOKONsWQBV&C=1

43 B
337 B

143ms
143ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQj3zAAOKONsWQBV&_test=ZQj3zAAOKONsWQBV&C=1
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3etLpGKCQpsEiabQ7uLWKTuHg0ii%2BvHtqSkXrvJCxugwBiIEC3%2F8TY2vXE9Q2Utq95BU84zFQRpkkcedyY1BMu8yOUOI7yFY3txePSMDa4ViNu008mIdDEvryx6B1jn3GkRg%2B2ORKRDUdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 808e04603931a97a-SYD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvOdEupH78h3RsSRe0BW8FN%2FCcsRNYlvjm2rDU%2BoOm8yQ2L23U0FxCDEqCSDYTipm0Dsc%2FyXU5llIBDkfDrw7qao8fUWPGbMXzc0ATrCmcNodBaH9JAztTNCy8c3vudVsFcbJppmrp5Zpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=ZQj3zAAOKONsWQBV&_test=ZQj3zAAOKONsWQBV&C=1
cache-control: no-cache
cf-ray: 808e045f5850a97a-SYD
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

UH6TUt9n
sync-tm.everesttech.net/ct/upi/pid/ Frame 30A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAONaFciwA4

85 B
148 B

152ms
152ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAONaFciwA4
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 852
x-timer: S1695086541.566728,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 2600

Redirect headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1695086540.310335,VS0,VE69
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAONaFciwA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 30A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZQj3zAAAAtBdOAA4
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZQj3zAAAAtBdOAA4&_test=ZQj3zAAAAtBdOAA4
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZQj3zAAAAtBdOAA4&_test=ZQj3zAAAAtBdOAA4

43 B
180 B

97ms
96ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZQj3zAAAAtBdOAA4&_test=ZQj3zAAAAtBdOAA4
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZQj3zAAAAtBdOAA4&_test=ZQj3zAAAAtBdOAA4
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 30A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BU...

85 B
234 B

152ms
151ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D&_test=ZQj3zAARV8ovSgAN
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 852
x-timer: S1695086541.565151,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 2598

Redirect headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1695086540.310344,VS0,VE66
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D&_test=ZQj3zAARV8ovSgAN
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET

partner
sync.search.spotxchange.com/ Frame 30A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZQj3zAAAAtBdOAA4&img=1

0
0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 30A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZQj3zAAAAtBdOAA4&t=2592000&o=0

43 B
732 B

494ms
187ms

Image
image/gif

157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZQj3zAAAAtBdOAA4&t=2592000&o=0

Protocol

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://telstra.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 18:22:21 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: public
x-fb-debug: eg3yTL1Pf2r8kYfPR+utgzuDu3LKaTY9j/XBlbEKdBGbicP9cEdt2BAKYMstKv1TjiVTnNIQTzT1yztoAQG1YA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Mon, 18 Sep 2023 18:22:21 PDT

Redirect headers

x-served-by: cache-bfi-krnt7300065-BFI
pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1695086541.718146,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZQj3zAAAAtBdOAA4&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 98ms
98ms Ping
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RJZGPPZRLX&gtm=45je39d0&_p=1111484631&ul=en-us&sr=1600x1200&cid=1059035955.1695086540&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Faflwtipping.afl%2F&dp=%2F%23login&dt=Official%20AFLW%20Tipping&sid=1695086540&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RJZGPPZRLX&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg07s23-in-f46.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aflwtipping.afl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 98ms
98ms Ping
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-N3FPSGWD3Z&gtm=45je39d0&_p=1111484631&ul=en-us&sr=1600x1200&cid=1059035955.1695086540&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Faflwtipping.afl%2F&dt=Official%20AFLW%20Tipping&sid=1695086540&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N3FPSGWD3Z&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg07s23-in-f46.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aflwtipping.afl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 85E3 0
0 839ms
141ms Fetch
image/gif 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgH0MBn6tSdAKfe_j0A67K-Grd3Fe-5qVK5j6UArfNHOXIghzEPdE9NUqgoyHI4XDLmymXDi9ZBQjgmsjzdfJr9FKdPOHG8Wc7khp7grIP8LP-lZzp1EbsQxWC-68aP8Hn2z2ygUX-1iUppmwokK2Y3y-E9UnsONhg31zK0a-rj-C3wjkk4IBZktrjYqHwfcN4rKkaiNF-L2Ju4shkYeX4mCH_vwAQtJi-HIcjHN2olW5NHqixsuwI1DPD-pC_Lh0xhZpS5avwtCC8JO7JSYEtxIuDSzFVXF_FkqmlHzZmVUC9Qk_1gPcwcJxAmBEtugMHdNR1DRYR5P6v&sai=AMfl-YQ3rTwQopTCayzMhV3XvvYoTGPw9DMpjMc0UMrjTQ2DiJ4PdJC-LFlUfIVMuTkRcZhe3xjfD78AdX2CXzA1PfWDWdzp2rjvLb2WRUZ-csEF5_gOK89cNPW9-mayKu0BSF9hltq_6ra9sIDisSo&sig=Cg0ArKJSzAmdjwMhekZ3EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 01:22:21 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame C98A 47 KB
13 KB 30ms
5ms Script
application/javascript 54.66.65.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=928325&campId=300x250&pubId=5184468609&chanId=22305632486&placementId=6361331927&pubCreative=138442414761&pubOrder=3165975048&cb=241210878&adsafe_par&impId=&custom=1&custom2=true&custom3=true
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.66.65.228 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-66-65-228.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 3081d31d773285dcf5a492c88f2214a4d951de44a1885e4f1ce3cc14ec822ef5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame C98A 207 KB
65 KB 739ms
157ms Script
application/javascript 99.84.66.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928325&campId=300x250&pubId=5184468609&chanId=22305632486&placementId=6361331927&pubCreative=138442414761&pubOrder=3165975048&cb=241210878&adsafe_par&impId=&custom=1&custom2=true&custom3=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.66.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-66-53.hio50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:55 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO50-C1
age: 3497966
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: kyzAtmUgmTzCZUVj1QfJJoMe-Bxn9FUzj5T0xo7X5gcm4xaManh4ig==

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E423 0
0 725ms
142ms Fetch
image/gif 142.250.67.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3j9taJ8-oZnJcUmr3w1ecpIXnOyLNiBLMAW6f8bK4xKyk-5uFEaww_rHdBdxJMcnRbcYZBZsGIcD-KGRMXvYlROal6qriVO1fYBjg-NeHLrD6bGfGVGb9nHOgzWputIugY4Y471sD5X4qzgNdGY7pxnAvTQOETQ5OEVoNVwd6kRQn0yeagCvhmeZFq6Md__09rtLlMHUr3032fx8QUxb9XU3jnzjLs7rKobCZe5fGcpq1KCv_mf3j_MlrynnjUq5rKxFkutrGuoDggIroCZHEF7fqqHje5jeItA4icinVirgd4_FXC4hlmJwbEqdXZeY6Y_bF2dqeymiG&sai=AMfl-YT8RtzMyIiRyTaNMM1C2DRsI_hV_zvR-Nkab1PKL8PRhH2jvjTSayN2SANlLxdOj7BN8-aaCHlEJKOiY2zMYJeEEMfADwWO5wHezWa4EvpGtBa-xaTVjixqOvba8GJ1KSxUHwXw3ck7vp-f-KM&sig=Cg0ArKJSzIIcDDa38jtkEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.2 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 01:22:21 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 2252 47 KB
13 KB 5ms
4ms Script
application/javascript 54.66.65.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=928325&campId=728x90&pubId=5184468609&chanId=22305632486&placementId=6361331927&pubCreative=138442371200&pubOrder=3165975048&cb=1073159655&adsafe_par&impId=&custom=1&custom2=false&custom3=false
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.66.65.228 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-66-65-228.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 9de56708b933791bc5f7d23598e40df16e1109d1a8499a61da3b02f67b13bf6e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 525ms
127ms XHR
application/json 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

bbed0bcc070b0f20c8b5429c36f1a6e94cbc8e5f8dfaaa013eed7b1ea1dc2855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12156
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 99ms
99ms XHR
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1111484631&t=pageview&_s=1&dl=https%3A%2F%2Faflwtipping.afl%2F&ul=en-us&de=UTF-8&dt=Official%20AFLW%20Tipping&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAEABAAAAACAEK~&jid=1020550442&gjid=1835815725&cid=1059035955.1695086540&tid=UA-108262715-1&_gid=336531886.1695086540&_r=1&_slc=1&gtm=45He39d0n81W3TT97S&cd2=%2F&cd3=unavailable&cd4=tipping&cd5=desktop&cd7=responsive&cd8=~none~&cd9=Digital%20Rights%20Network&cd10=Elite&cd11=AFL%20Other&cd12=unavailable&cd13=unavailable&cd14=unavailable&cd15=unavailable&cd16=unavailable&cd17=unavailable&cd18=unavailable&cd19=unavailable&cd23=production&cd24=unavailable&cd25=unavailable&cd26=unavailable&cd40=41748403463690041762968347733800790124&cd41=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&cd46=unavailable&cd47=unavailable&cd48=unavailable&cd49=tipping&cd50=AFLW&cd51=loggedOut&cd52=unavailable&cd53=unavailable&cd54=unavailable&cd55=unavailable&cd56=unavailable&cd57=unavailable&cd58=unavailable&cd59=unavailable&cd74=unavailable&cd78=unavailable&cd79=unavailable&cd82=unavailable&cd83=unavailable&cd84=unavailable&cd85=unavailable&cd86=unavailable&cd96=null&cd1=1059035955.1695086540&cd101=1059035955.1695086540&z=1678619282

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aflwtipping.afl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aflwtipping.afl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 2ms
2ms Script
text/javascript 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3TT97S&l=dataLayerClubs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 00:11:20 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4260
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 19 Sep 2023 02:11:20 GMT

GET
H2 200 main.19.8.439.js Show response
static.adsafeprotected.com/ Frame 2252 207 KB
65 KB 882ms
404ms Script
application/javascript 99.84.66.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.439.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=928325&campId=728x90&pubId=5184468609&chanId=22305632486&placementId=6361331927&pubCreative=138442371200&pubOrder=3165975048&cb=1073159655&adsafe_par&impId=&custom=1&custom2=false&custom3=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.66.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-66-53.hio50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 13:42:55 GMT
x-amz-version-id: jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding: gzip
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO50-C1
age: 3497966
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:42 GMT
server: AmazonS3
etag: W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: nQfDlUSTI2QBo2puxh3VGKieFuvLuuEfDqHBKW_j5D9GwQt-f6HurA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
353 B 584ms
95ms XHR
text/plain 64.233.170.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-108262715-1&cid=1059035955.1695086540&jid=1020550442&gjid=1835815725&_gid=336531886.1695086540&_u=aAjAAEABAAAAACAEK~&z=960617170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aflwtipping.afl/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Sep 2023 01:22:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aflwtipping.afl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 179ms
178ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f33.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 01:22:21 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 498ms
99ms Image
image/gif 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-108262715-1&cid=1059035955.1695086540&jid=1020550442&_u=aAjAAEABAAAAACAEK~&z=759888626

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 499ms
100ms Image
image/gif 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-108262715-1&cid=1059035955.1695086540&jid=1020550442&_u=aAjAAEABAAAAACAEK~&z=759888626

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 67FC 13 KB
5 KB 2ms
1ms Document
text/html 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f33.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aflwtipping.afl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 338386
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 03:22:35 GMT
expires: Sat, 14 Sep 2024 03:22:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B609 829 B
993 B 492ms
104ms Document
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

GSE /

Resource Hash

908881f1ed26f38aa6d7ac26c0b0d832c79300063209cc8dc52241c3eba8c6a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WbfHtlEWp0C3xdciFR4oPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aflwtipping.afl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-WbfHtlEWp0C3xdciFR4oPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 01:22:21 GMT
expires: Tue, 19 Sep 2023 01:22:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 67FC 37 KB
15 KB 703ms
3ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 18 Sep 2023 02:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Sep 2024 02:25:15 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 58E6 91 KB
92 KB 152ms
152ms Script
application/javascript 99.84.66.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.66.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-66-53.hio50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 12:30:56 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO50-C1
age: 1860686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: LmA-nMRdYEazS7zn4GssocI7VnkcxzjLibQip6TUk0FFUUwQZNEn-Q==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 16ms
16ms Image
image/gif 54.66.65.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=928325&campId=300x250&pubId=5184468609&chanId=22305632486&placementId=6361331927&pubCreative=138442414761&pubOrder=3165975048&cb=241210878&adsafe_par&impId=&custom=1&custom2=true&custom3=true&adsafe_url=https%3A%2F%2Faflwtipping.afl%2F%23login&adsafe_type=aceq&adsafe_url=https%3A%2F%2Faflwtipping.afl%2F&adsafe_type=bdf&adsafe_jsinfo=,id:acf26860-92e9-269a-217d-4687e8db3508,c:oEoKS6,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-6787bcffc4-642sp,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:909,mot:0,app:0,maw:0,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C141%7C15%7C16,idMap:13*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:928,oid:fa9ea394-568a-11ee-8de6-3e207ff58c63,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.66.65.228 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-66-65-228.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:21 GMT
server: nginx
x-server-name: app04.au.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 946ms
320ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoKSq,pingTime:0,time:947,type:pf,im:%7BpBlk:945%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:927%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:948,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:927,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~100%5D,as:%5B36~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C141%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:928%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 784ms
162ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoKSw,pingTime:-2,time:953,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:39,beZ:40,mfA:948,cmA:949,inA:949,inZ:953,prA:953,prZ:961,si:967,poA:967,bl:984,poZ:984,cmZ:984,mfZ:984,loA:988,loZ:991,ltA:991,ltZ:991,mdA:40,mdZ:931%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:927%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:953,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:927,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~100%5D,as:%5B41~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C141%7C15%7C16,idMap:13*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:928,slid:%5Bgoogle_ads_iframe_/7414/TEL.AFL/WomensTipping_4,google_ads_iframe_/7414/TEL.AFL/WomensTipping_4__container__,tmedia-ad-300-250-1-1,main,main-wrapper%5D,sinceFw:24,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85E3 42 B
174 B 141ms
141ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlX-IH0s1Jw0JP-LrOpJm5OvHvN3lxBWdQ1nMq6QdD6iEnUFYC-ZjbyiUrMANm9uSTvaqHPQBt9pKiBorc3o5JH7pojWoayEdYbtzoDRFPEf9yytvaLdxnimuhGQS_&sig=Cg0ArKJSzNHsI_3kbRMGEAE&id=lidar2&mcvt=1003&p=521,1045,771,1345&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1587389424&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695086539903&rpt=584&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 739ms
163ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoKTg,time:999,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:999,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:927,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B87~100%5D,as:%5B87~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C141%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:928,sis:962%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B4DF 91 KB
92 KB 148ms
148ms Script
application/javascript 99.84.66.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: aflwtipping.afl
URL: https://aflwtipping.afl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.66.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-66-53.hio50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 12:30:56 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront)
x-amz-cf-pop: HIO50-C1
age: 1860686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: rJnne9CiUBzpMSupAILIjEhGzLjJCAR10UKonfrRKfRzOlIULvadZQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 15ms
15ms Image
image/gif 54.66.65.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=928325&campId=728x90&pubId=5184468609&chanId=22305632486&placementId=6361331927&pubCreative=138442371200&pubOrder=3165975048&cb=1073159655&adsafe_par&impId=&custom=1&custom2=false&custom3=false&adsafe_url=https%3A%2F%2Faflwtipping.afl%2F%23login&adsafe_type=aceq&adsafe_url=https%3A%2F%2Faflwtipping.afl%2F&adsafe_type=bdf&adsafe_jsinfo=,id:dfb2caf2-4bb6-a9f9-67d5-b3d2f40fe1ef,c:oEoKUf,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6787bcffc4-hk77l,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:436.1244.728.90,am:i,cc:436.1244.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:950,mot:0,app:0,maw:0,fm:tQgins6+11%7C12%7C131%7C132%7C14*.928325%7C141%7C15%7C16,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:957,oid:faac5eeb-568a-11ee-ac97-56622d07c43a,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.66.65.228 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-66-65-228.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:21 GMT
server: nginx
x-server-name: app04.au.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 664ms
164ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=dfb2caf2-4bb6-a9f9-67d5-b3d2f40fe1ef&tv=%7Bc:oEoKUt,pingTime:-2,time:971,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:29,beZ:30,mfA:979,cmA:979,inA:979,inZ:981,prA:981,prZ:983,si:985,poA:986,poZ:995,cmZ:995,mfZ:995,loA:998,loZ:999,ltA:999,ltZ:999,mdA:30,mdZ:970%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:957%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:971,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:957,wc:0.0.1600.1200,ac:436.1244.728.90,am:i,cc:436.1244.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B21~0%5D,as:%5B21~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tQgins6+11%7C12%7C131%7C132%7C14*.928325%7C141%7C15%7C16,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:957,slid:%5Bgoogle_ads_iframe_/7414/TEL.AFL/WomensTipping_5,google_ads_iframe_/7414/TEL.AFL/WomensTipping_5__container__,tmedia-ad-728-90-1-1,footer,main-wrapper%5D,sinceFw:14,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B609 0
0 396ms
95ms Image
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309140101&jk=2330512442957548&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s15-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 274ms
163ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoL0K,pingTime:-10,time:1463,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695086541994%7C%7C163a3b16dcdc6298cef1b844544b495d%7C%7Cbd1e129058c6f254231648b6cc158d80%7C%7C9ac8f19c082463679bf7f6e5e9bd2db2%7C%7C59a3379e8d053d35c60f7fd46c772b48%7C%7Cbaa90500090c41cae438a2f7bcc3ab75%7C%7Ce6d608a1140b8c3b5f304fede7a0573c%7C%7C376671077b5503cb1f97ee4748264f2b%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 67FC 0
40 B 2ms
2ms Image
text/plain 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-fYn4g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg07s23-in-f33.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 01:22:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 164ms
161ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoL8B,pingTime:1,time:1950,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:927%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1950,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:927,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1038~100%5D,as:%5B1038~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:949,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C14.928325%7C141%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:928,sis:962%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 165ms
162ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoL8C,pingTime:1,time:1951,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:927%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1951,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:927,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:949,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C14.928325%7C141%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:928,sis:962%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 167ms
165ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoL8D,pingTime:1,time:1952,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:927%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1952,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:927,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1040~100%5D,as:%5B1040~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:949,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C14.928325%7C141%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:928,sis:962,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 168ms
167ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoL8E,pingTime:1,time:1953,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:927%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1953,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:927,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1041~100%5D,as:%5B1041~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:949,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C14.928325%7C141%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:928,sis:962,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 162ms
161ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=dfb2caf2-4bb6-a9f9-67d5-b3d2f40fe1ef&tv=%7Bc:oEoL9u,pingTime:-10,time:1902,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695086541994%7C%7C163a3b16dcdc6298cef1b844544b495d%7C%7Cbd1e129058c6f254231648b6cc158d80%7C%7C9ac8f19c082463679bf7f6e5e9bd2db2%7C%7C59a3379e8d053d35c60f7fd46c772b48%7C%7Cbaa90500090c41cae438a2f7bcc3ab75%7C%7Ce6d608a1140b8c3b5f304fede7a0573c%7C%7C376671077b5503cb1f97ee4748264f2b%7C%7C1663701684,sca:%7Bspg:acf26860-92e9-269a-217d-4687e8db3508%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:22 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 101ms
101ms Image
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309140101&jk=2330512442957548&bg=!AwClAE_NAAbP3fMH7907ADQBe5WfOF92SvbKhQ7ZOiW_FL_N3ICZHfB2dtcKJFTGP0iveiGS_IB30ZJpZpocIn-GRDKTAgAAAFFSAAAAB2gBB5kC6uY7dMp6E9lLJD6_P6MxKzvcOJmCr_Tza_xOL2FBUMIpUv7yFvdeU-gwR6a_SMhMNdD81T7og0CuOfeQOgcWPYq7Ao4s43zFLKm1bCliEx1hKa5LzlI5q0a70YC4Orr8-v7pl5btZ_-2R0DiunQa0N9nD_eVGZ6W6F-NdOCGdkzO0mKcCK91JxwQXfIcGX2oVyo2jG_evfCHxj5VdDW4Jg2-QDqB0umPO1qs3mUaysa_3zUzepyUqVCgqhaAVTLjdPhPZm1LLrXb8PcuuhrWKe_CChPoc3C09sNL31VXk-0FOfuveX65SUhT2IWD6kP2jnhmRLvM3iD57jLxRwwnIEzpGJsHUMqb6htD4725HjSqlAEN84vYb1KAIgQ3CxwpmbHdLVE5zJMwpbsLE71wytsSz4zkgCZPKWmMTI_3b9MbdTFe0OwWb-AC1HSXf584UhvjVMw0fBiqVhlqIGwao2P_81VyP3qynTEjrUWXWUFGSeY3apGXHpMmbDt3_qHSKNrrn5aKyVnoXPUjLFmaoWNr4tFaPJqGRyiS1_s57I394VjdCKFWjiDBa6_uUGrQVqxs2R_IQ62CYOJOl-hopZVJ_rkbjEAEfTk9UXFIXJtVwRuTOQEnmYcPUQDWKzUJ6DhKYva3YJ1zKAsMa9r0ErnIbX2f7iHWMZlbRIE10EZ6V7E60a2aUx6ZW8XRv1OxwzjEOKZqnb32NVFM6VmtiDG_iBBvzE4gA_dKb9zEnaf2zY2EzS5JhZUor5tTMncUm9spFPPjuwcYxIsaMoD_Mr7bVKXhhhSfHotV6TTNXiLxds9yTKbFsR7GrSyUdW1WCMi83K7nVG-3Aidp3DMasLZWFGSXnpOpyNCExBgXgTE_nJijMfFKCHh1yVB7GkvOj0t5bMl302dLXMwrlgxbr7IaQ9_k5oNAULsQGJdvoFil4h0hYEGxXOvy3UCOKHtYJPcOu338KQ5hGtAPjyYUTxCqNgsiZG1fzsTN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.226 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s15-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 161ms
161ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoMb6,pingTime:5,time:5949,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:927%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5949,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:927,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5037~100%5D,as:%5B5037~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:172,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C14.928325%7C141%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:928,sis:962%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:26 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 163ms
163ms Image
image/gif 34.211.174.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=928325&asId=acf26860-92e9-269a-217d-4687e8db3508&tv=%7Bc:oEoMb6,pingTime:5,time:5949,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:927%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5949,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:927,wc:0.0.1600.1200,ac:1045.521.300.250,am:i,cc:1045.521.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5037~100%5D,as:%5B5037~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:172,fm:tQginqr+11%7C12%7C13*.928325%7C131%7C14.928325%7C141%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,siq:928,sis:962%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.174.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-174-64.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://aflwtipping.afl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 01:22:26 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZQj3zAAAAtBdOAA4&img=1

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 19:10:38	Name: demdex Value: 41603878707840466822989573336795610278
.aflwtipping.afl/	1969-12-31 23:59:59	Name: AMCVS_98DC73AE52E13F1E0A490D4C%40AdobeOrg Value: 1
.aflwtipping.afl/	1970-01-20 14:51:28	Name: gpv_p49 Value: AFL
.aflwtipping.afl/	1970-01-20 14:51:28	Name: gpv_e44 Value: AFL
.aflwtipping.afl/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.aflwtipping.afl/	1969-12-31 23:59:59	Name: s_cc Value: true
.aflwtipping.afl/	1970-01-21 00:27:26	Name: _ga Value: GA1.2.1059035955.1695086540
.aflwtipping.afl/	1970-01-20 14:52:52	Name: _gid Value: GA1.2.336531886.1695086540
.aflwtipping.afl/	1970-01-20 14:51:26	Name: _gat_UA-47034296-59 Value: 1
.aflwtipping.afl/	1970-01-20 14:51:26	Name: _gat_womens Value: 1
.aflwtipping.afl/	1970-01-21 00:13:02	Name: __gads Value: ID=281f25eae6ca38e3:T=1695086539:RT=1695086539:S=ALNI_MYeV3HUqWQy8ulU_3nJBeIj-QalOg
.aflwtipping.afl/	1970-01-21 00:13:02	Name: __gpi Value: UID=00000c4b6f7d5db7:T=1695086539:RT=1695086539:S=ALNI_MZl6CjMew9R3DSx8ZJuAUe_kudFVQ
.eyeota.net/	1970-01-20 23:38:28	Name: mako_uid Value: 18aab07f47b-4ab10000010d5ff2
.eyeota.net/	1970-01-20 14:51:27	Name: SERVERID Value: 24562~DM
.dpm.demdex.net/	1970-01-20 19:10:38	Name: dpm Value: 41603878707840466822989573336795610278
.demdex.net/	1970-01-20 19:10:38	Name: dextp Value: 771-1-1695086539786\|782-1-1695086539800\|19566-1-1695086539873\|30064-1-1695086539887\|144230-1-1695086539933\|144231-1-1695086539945\|144232-1-1695086539960\|144233-1-1695086539975\|144234-1-1695086539990\|144235-1-1695086540020\|144236-1-1695086540031\|144237-1-1695086540045
.doubleclick.net/	1970-01-21 00:27:26	Name: IDE Value: AHWqTUml5HsKxNs8SSmy9hTX8sa1oBqHQSDoZh78xgfxtheZqoUFC4x4irUmKGrx-E4
.aflwtipping.afl/	1970-01-21 00:27:26	Name: _ga_RJZGPPZRLX Value: GS1.2.1695086540.1.0.1695086540.0.0.0
.aflwtipping.afl/	1970-01-21 00:27:26	Name: _ga_N3FPSGWD3Z Value: GS1.2.1695086540.1.0.1695086540.0.0.0
.aflwtipping.afl/	1970-01-21 00:27:26	Name: AMCV_98DC73AE52E13F1E0A490D4C%40AdobeOrg Value: 1099438348%7CMCIDTS%7C19620%7CMCMID%7C41748403463690041762968347733800790124%7CMCAAMLH-1695691339%7C8%7CMCAAMB-1695691339%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1695093739s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19627%7CvVersion%7C2.1.0
.aflwtipping.afl/	1969-12-31 23:59:59	Name: s_tp Value: 1534
.aflwtipping.afl/	1969-12-31 23:59:59	Name: s_ppv Value: BP%253AAFL%253AAFL-Womens-Tipping%253Ahome%253Alogin%2C78%2C78%2C78%2C1200%2C1%2C1
.aflwtipping.afl/	1970-01-20 14:51:26	Name: _gat_UA-108262715-1 Value: 1
.everesttech.net/	1970-01-20 23:37:02	Name: everest_g_v2 Value: g_surferid~ZQj3zAAJ9jSiqwBU
.casalemedia.com/	1970-01-20 23:37:02	Name: CMID Value: ZQj3zCPzCBzePitw5.ApSAAA
.casalemedia.com/	1970-01-20 17:01:02	Name: CMPS Value: 4802
.casalemedia.com/	1970-01-20 17:01:02	Name: CMPRO Value: 4802
.openx.net/	1970-01-20 23:37:02	Name: i Value: 840ca64e-36e8-4292-ba37-4056e7057315\|1695086540

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://medrx.telstra.com.au/tmaf/lib.js Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://medrx.telstra.com.au/tmaf/lib.js Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://medrx.telstra.com.au/tmaf/lib.js Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://medrx.telstra.com.au/tmaf/lib.js Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://medrx.telstra.com.au/tmaf/lib.js Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://medrx.telstra.com.au/tmaf/lib.js Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation	warning	URL: https://medrx.telstra.com.au/tmaf/lib.js Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network	error	URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZQj3zAAAAtBdOAA4&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aflwtipping.afl
apis.google.com
assets.adobedtm.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
email.mail.aflwtipping.afl
fab7718e3d5f3f30d5d6c451d4b2d445.safeframe.googlesyndication.com
fgp-data.s3.ap-southeast-2.amazonaws.com
image5.pubmatic.com
infos.telstra.com.au
medrx.telstra.com.au
pagead2.googlesyndication.com
pixel.adsafeprotected.com
ps.eyeota.net
rtd-tm.everesttech.net
rtd.tubemogul.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
targeting.telstra.com.au
telstra.demdex.net
tpc.googlesyndication.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
sync.search.spotxchange.com
104.17.24.14
104.18.27.193
13.35.147.90
13.54.169.41
142.250.204.14
142.250.204.4
142.250.66.195
142.250.66.226
142.250.67.2
151.101.1.229
151.101.2.49
157.240.8.23
157.240.8.35
172.217.167.66
172.217.167.98
172.217.24.33
172.217.24.40
172.217.24.46
18.138.79.132
18.67.93.125
23.215.59.10
23.77.128.136
3.106.101.175
34.102.239.211
34.211.174.64
34.98.64.218
52.64.114.26
52.95.130.158
54.153.211.209
54.66.65.228
63.140.56.123
64.233.170.155
99.84.66.53
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
04f974702a679bc878de6e330ebc33ba79cbf1ab446d41e73d8e8d78a6d35661
086370e43bcb573a75d988f0c1e715dee7e8f928bda5322243f982542d53deb8
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
13ddb12969451cc85022349c1c512a94977467e8e73ea4b10c7487da301c6245
14663a3520b1d6e90d54d41e8667827f314498537acc7048398c920db9c436c1
17d313a7567c497811d486bfe7dd1344f472ea31632f5cd896b2be200aef57d0
1bc0ea4e2fe66ac337fb1863bbdb4c8f044ee4e84dbe0f0f1b3959bebfa539c1
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
28a66e4c9b6a66bb4c8a81ca6a02978dba2f655703cd7ae1abe46698771e16d4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3081d31d773285dcf5a492c88f2214a4d951de44a1885e4f1ce3cc14ec822ef5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3497e12151dc33c866086a46a0b8277940885fb377e281960887f2497f27e63b
3673b96f1861ecf40bc6759993a52b55992449cc96597bbc41dea79932d7ef2c
38432eb021bb8945d07709a456cbac71801a3ef4a9f468fa15cabc5d6ac69312
38ef8a0ff6cc1b70ebe7b2cedbb66160bdb36212cfd422489025d45039c536e7
3f151596a10740409beba2a95e9065f7998ec56e1f1338429ef9cbc655b96770
3f5f53c8f341574d73ffdbf46f0137886d4d98b6176864354a2d6e93987b75ff
40d133fb25eb94e23842f47827ea4ecabbc0f5ef9443610aca3846e0733fb313
45a10e8c649a166b1cd9252ff40867eee53e0b0572446a69daecbf5644547a07
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
494ebd34ef0d87f6106950b7cadf0de42172c7aac6baa4f09cae64642aa9325d
4cf543c9879fa60c8181eb2b8d559816da0c36c512be59a8ea0f83f790ded03f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edbd6fbd49b1eb2e74c570f3ab35a5f6ce7d8171ee6dc81f09b6d1151f434b8
538112766595780425b70f99c8507f8443545733f01c69e359bac387939ca7c8
540d761da5c806e5b6ea6ab8f163cbbe93fe1e72f324c5ed0f92be7c138340a6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b035a54972d937aa5e7fdf28b85b2737cc11c04fc94e5e8cdd81b4317a0fc9
57c5ce95f3633ee250b1450c33742d915650dd34fb1f04b22513480f7637982b
5d6332b7f91554f90e5f18696cef398c01c82bc3126753361829bb6777beb5fb
5e2368f7a9d9f985a4bc3cfd86a172b09639d100b67893db8059a52d69e81ff4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b2061ad9612c64094d81dd0d32914ae0a64ba8f6573b63eb4bbb128e71b1c2f
6ee45e444342e1d75d120cf8c95c6f6b34adc300b21d682ca586a6785a96df4c
773e5bbc4fb9297bc224eb406ea65168fe8d36586ff15b997e373943bbf0e643
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
794cb1239d5d6a1da0cbced1fe93aeb0fc78a68f51e9f1b5811241205e708380
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80836f2faf10947b9a0ccd04006d82ac96a35403e5622b912a48c613167b17fd
86547d94886aa32ac5bda7aead234af93d545dd491b95ccb3d952d80dd0ad544
88f9322f5e1ad8e3ff4e37ec0f51d43bd92294f5f84f966bde87eed9e42bc259
908881f1ed26f38aa6d7ac26c0b0d832c79300063209cc8dc52241c3eba8c6a6
9b55e117eb675671c147b92d2e15c1e9008f64a9e42ea3882ae60266411d333d
9de56708b933791bc5f7d23598e40df16e1109d1a8499a61da3b02f67b13bf6e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a331b5bfa8889493c0c4f7ce1a62790adcc5f4446418ab05c2789aaeaa2c34d5
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5a53acfad8a260ea883f7ddda764f0bdc8dd0194affbbd280c7415f852b66d0
b95293a8046c49f0647f4f03e3d554513cad1528d287ca3b5d071ee0049c6cd3
babfd8947314f7a3311c4b32ddf1c6b336476acecdcc7e114250f8b4356f161c
bbed0bcc070b0f20c8b5429c36f1a6e94cbc8e5f8dfaaa013eed7b1ea1dc2855
bea482d28ebbfeacd9944fb03e5449213b6d5ab84501491fb57d389261e58f75
cbbccf5dfdd859dd13ec0b15287b4b5520f8114fd6c44dfe27d9e63dac3c6aad
ce9691fb566125fb7f73edf445a45cc4e34f03c68bd3483af36043b27b3288d1
d049678c37346aa4f3c4f603dd59ee599c416e0750ffbd61ccc38e7ce5fc1535
d5c867a4ed52b164aa1c10ac38fe5ed03f038e00e2a2754e16d8b81b23b31e20
d723548c0a900125b976a47c7aaef1ba807b73b9bfa2bab01f4b08c73526e4e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0b71aab5b5cca3fde029157ef638663160e1b82bbf15c8e8d72b1ee57a5dbf
ecb5e7c04c8457900d29cd8a89079e7881065fc0dc9ec5ac427db987e9c1aaf0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3490cddd6546d2220d178658aafd1f154bb723aa66218cd2cdfca92083e413
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
efd6c5b8ae25cac0cc1fc8c67e2caa8dea421d5a70f543fbed268bdc996871be
f5eff6b2680841d9f1ac2f817c78055071d66c4679c39e882848c799d9664a5c
f600c9e54db57e24bdf8ed132aa09da7f83f4490fe02b16b0ddfcb4f18e1d03f
f7a07b9822f319cc41cf79d6944ee1034fb9f91bdea46a1700abfa946279ed17

aflwtipping.afl Open in urlscan Pro 18.67.93.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

88 %HTTPS

0 %IPv6

24 Domains

37 Subdomains

30 IPs

4 Countries

3005 kBTransfer

7918 kBSize

28 Cookies

31 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aflwtipping.afl Open in urlscan Pro
18.67.93.125 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

88 %
HTTPS

0 %
IPv6

24
Domains

37
Subdomains

30
IPs

4
Countries

3005 kB
Transfer

7918 kB
Size

28
Cookies

111 HTTP transactions
2 data transactions