urlscan.io logo urlscan.io
SecurityTrails logo

www.geelongadvertiser.com.au Open in urlscan Pro
104.71.48.157  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.geelongadvertiser.com.au/
Effective URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Submission: On September 23 via api from BE — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 131 IPs in 13 countries across 104 domains to perform 478 HTTP transactions. The main IP is 104.71.48.157, located in Central, Hong Kong and belongs to AKAMAI-AS, US. The main domain is www.geelongadvertiser.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.geelongadvertiser.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 38 104.71.48.157 16625 (AKAMAI-AS)
1 22 104.71.49.6 16625 (AKAMAI-AS)
1 14 151.101.129.44 54113 (FASTLY)
1 192.0.66.86 2635 (AUTOMATTIC)
4 52.95.132.218 16509 (AMAZON-02)
1 54.192.150.68 16509 (AMAZON-02)
26 142.251.12.132 15169 (GOOGLE)
1 3 13.33.88.55 16509 (AMAZON-02)
1 172.64.132.15 13335 (CLOUDFLAR...)
2 34.160.46.16 15169 (GOOGLE)
3 104.79.97.250 16625 (AKAMAI-AS)
4 104.71.48.190 16625 (AKAMAI-AS)
2 54.192.150.8 16509 (AMAZON-02)
10 108.139.243.119 16509 (AMAZON-02)
1 13.33.91.15 16509 (AMAZON-02)
11 172.217.194.157 15169 (GOOGLE)
3 13.33.79.24 16509 (AMAZON-02)
1 54.192.150.12 16509 (AMAZON-02)
2 157.240.235.1 32934 (FACEBOOK)
1 18.155.68.87 16509 (AMAZON-02)
2 52.221.16.11 16509 (AMAZON-02)
2 151.101.193.175 54113 (FASTLY)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 23.78.217.66 16625 (AKAMAI-AS)
2 104.26.7.155 13335 (CLOUDFLAR...)
1 199.36.158.100 54113 (FASTLY)
2 42.99.140.160 4637 (ASN-TELST...)
3 13.33.88.39 16509 (AMAZON-02)
1 52.20.174.233 14618 (AMAZON-AES)
1 15 52.76.51.167 16509 (AMAZON-02)
1 54.192.150.118 16509 (AMAZON-02)
1 104.16.88.20 13335 (CLOUDFLAR...)
4 54.192.150.97 16509 (AMAZON-02)
1 20.50.2.28 8075 (MICROSOFT...)
1 9 142.251.12.139 15169 (GOOGLE)
9 12 69.173.158.64 26667 (RUBICONPR...)
15 25 142.251.10.156 15169 (GOOGLE)
2 9 103.231.98.194 62713 (AS-PUBMATIC)
2 6 141.226.229.48 200478 (TABOOLA-AS)
13 15 35.71.131.137 16509 (AMAZON-02)
1 2 209.191.163.210 14744 (INTERNAP-...)
1 74.214.196.131 19189 (PULSEPOINT)
1 23.106.127.39 59253 (LEASEWEB-...)
1 52.55.123.47 14618 (AMAZON-AES)
1 1 182.161.73.146 55569 (CRITEO-AS...)
9 10 35.213.12.39 15169 (GOOGLE)
3 3 202.131.200.84 17941 (BIT-ISLE ...)
1 1 202.131.200.82 17941 (BIT-ISLE ...)
2 2 3.121.135.16 16509 (AMAZON-02)
2 4 34.98.64.218 15169 (GOOGLE)
2 3 35.71.178.8 16509 (AMAZON-02)
1 54.203.95.9 16509 (AMAZON-02)
1 31.220.27.155 39572 (ADVANCEDH...)
1 1 34.193.201.64 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
4 13.210.135.68 16509 (AMAZON-02)
1 18.155.68.80 16509 (AMAZON-02)
1 13.33.88.108 16509 (AMAZON-02)
1 151.101.65.44 54113 (FASTLY)
3 157.240.235.35 32934 (FACEBOOK)
1 141.226.224.32 200478 (TABOOLA-AS)
1 18.136.162.157 16509 (AMAZON-02)
2 63.140.48.135 16509 (AMAZON-02)
1 1 13.250.222.156 16509 (AMAZON-02)
2 141.95.33.111 16276 (OVH)
1 9 18.139.47.59 16509 (AMAZON-02)
1 13.33.30.231 16509 (AMAZON-02)
1 34.120.155.137 15169 (GOOGLE)
1 103.231.98.193 62713 (AS-PUBMATIC)
2 54.159.19.19 14618 (AMAZON-AES)
4 69.173.158.65 26667 (RUBICONPR...)
5 10 104.254.150.241 29990 (ASN-APPNEX)
2 34.102.253.54 15169 (GOOGLE)
1 182.161.73.145 55569 (CRITEO-AS...)
2 19 104.18.18.126 13335 (CLOUDFLAR...)
2 18.139.71.162 16509 (AMAZON-02)
1 54.192.150.93 16509 (AMAZON-02)
1 141.95.98.71 16276 (OVH)
3 4 50.116.239.135 6336 (TURN-US-ASN)
1 1 50.116.239.150 6336 (TURN-US-ASN)
1 175.41.135.242 16509 (AMAZON-02)
5 142.251.10.94 15169 (GOOGLE)
3 23.78.217.19 16625 (AKAMAI-AS)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
1 1 199.127.207.180 26120 (RHYTHMONE)
2 2 54.251.140.206 16509 (AMAZON-02)
1 1 35.171.14.192 14618 (AMAZON-AES)
5 34.210.246.46 16509 (AMAZON-02)
1 1 23.207.37.206 16625 (AKAMAI-AS)
6 10 151.101.194.49 54113 (FASTLY)
1 63.140.36.112 16509 (AMAZON-02)
4 52.84.228.218 16509 (AMAZON-02)
2 151.101.193.108 54113 (FASTLY)
3 12 142.251.10.149 15169 (GOOGLE)
2 74.125.200.97 15169 (GOOGLE)
4 5 52.74.13.196 16509 (AMAZON-02)
3 4 35.227.202.26 15169 (GOOGLE)
1 4 104.254.148.251 29990 (ASN-APPNEX)
5 67.199.150.86 3257 (GTT-BACKB...)
1 2 103.71.26.126 132134 (SPOTX-AS-...)
7 142.250.4.113 15169 (GOOGLE)
1 74.118.186.44 26120 (RHYTHMONE)
3 74.125.24.157 15169 (GOOGLE)
2 3.126.109.107 16509 (AMAZON-02)
1 13.33.33.112 16509 (AMAZON-02)
3 74.125.68.154 15169 (GOOGLE)
1 2 119.81.192.134 36351 (SOFTLAYER)
1 185.84.60.21 198622 (ADFORM)
1 11 74.125.68.157 15169 (GOOGLE)
2 8 142.251.10.106 15169 (GOOGLE)
3 74.125.200.94 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
1 74.125.200.156 15169 (GOOGLE)
2 3.114.17.99 16509 (AMAZON-02)
2 23.75.85.227 16625 (AKAMAI-AS)
1 23.78.217.74 16625 (AKAMAI-AS)
1 103.231.98.196 62713 (AS-PUBMATIC)
3 5 52.46.151.131 16509 (AMAZON-02)
1 104.19.173.108 13335 (CLOUDFLAR...)
1 4 54.254.175.9 16509 (AMAZON-02)
2 2 103.229.10.180 16509 (AMAZON-02)
1 54.151.137.171 16509 (AMAZON-02)
1 13.250.169.102 16509 (AMAZON-02)
1 185.84.60.20 198622 (ADFORM)
2 2 103.229.206.240 30419 (MEDIAMATH...)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
3 67.199.150.85 62713 (AS-PUBMATIC)
1 1 34.83.125.63 396982 (GOOGLE-CL...)
2 2 107.178.244.193 15169 (GOOGLE)
1 1 54.178.229.66 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
2 3 52.95.125.22 16509 (AMAZON-02)
11 54.192.150.125 16509 (AMAZON-02)
5 18.141.94.181 16509 (AMAZON-02)
2 2 18.176.21.36 16509 (AMAZON-02)
1 1 34.111.151.213 15169 (GOOGLE)
2 2 23.106.69.72 59253 (LEASEWEB-...)
1 104.18.13.76 13335 (CLOUDFLAR...)
17 142.251.12.155 15169 (GOOGLE)
2 74.125.68.155 15169 (GOOGLE)
1 142.251.10.148 15169 (GOOGLE)
4 74.125.24.154 15169 (GOOGLE)
2 151.101.2.133 54113 (FASTLY)
6 13.33.88.67 16509 (AMAZON-02)
1 151.101.130.133 54113 (FASTLY)
1 2 172.64.152.245 13335 (CLOUDFLAR...)
1 1 52.2.211.96 14618 (AMAZON-AES)
1 1 150.95.47.241 7506 (INTERQ GM...)
1 1 52.45.175.185 14618 (AMAZON-AES)
1 1 35.208.249.213 15169 (GOOGLE)
21 18.233.19.189 14618 (AMAZON-AES)
1 42.99.140.18 4637 (ASN-TELST...)
2 182.161.73.136 55569 (CRITEO-AS...)
1 35.241.45.82 ()
478 131
38    104.71.48.157 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-48-157.deploy.static.akamaitechnologies.com
www.geelongadvertiser.com.au
content.api.news
mhr.talk.news.com.au
22    104.71.49.6 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-49-6.deploy.static.akamaitechnologies.com
tags.news.com.au
resourcesssl.newscdn.com.au
14    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
match.taboola.com
1    192.0.66.86 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
origin.geelongadvertiser.com.au
4    52.95.132.218 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
1    54.192.150.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-68.sin2.r.cloudfront.net
edition.pagesuite.com
26    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
tpc.googlesyndication.com
3    13.33.88.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-55.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    172.64.132.15 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    34.160.46.16 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 16.46.160.34.bc.googleusercontent.com
bedsberry.com
3    104.79.97.250 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-97-250.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.geelongadvertiser.com.au
4    104.71.48.190 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-48-190.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
2    54.192.150.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-8.sin2.r.cloudfront.net
assets.vidora.com
10    108.139.243.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-119.mxp63.r.cloudfront.net
static.adsafeprotected.com
1    13.33.91.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-91-15.sin2.r.cloudfront.net
static.chartbeat.com
11    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
securepubads.g.doubleclick.net
3    13.33.79.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-24.sin2.r.cloudfront.net
c.amazon-adsystem.com
1    54.192.150.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-12.sin2.r.cloudfront.net
ats-wrapper.privacymanager.io
2    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
1    18.155.68.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-87.sin52.r.cloudfront.net
au.tags.newscgp.com
2    52.221.16.11 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-16-11.ap-southeast-1.compute.amazonaws.com
pixel.zprk.io
2    151.101.193.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.78.217.66 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-217-66.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
2    104.26.7.155 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
2    42.99.140.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-160.pacnet.net
secure-ds.serving-sys.com
3    13.33.88.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-39.sin2.r.cloudfront.net
cdn-gl.imrworldwide.com
1    52.20.174.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-174-233.compute-1.amazonaws.com
ping.chartbeat.net
15    52.76.51.167 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
dpm.demdex.net
1    54.192.150.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-118.sin2.r.cloudfront.net
cdn.adsafeprotected.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    54.192.150.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-97.sin2.r.cloudfront.net
au-script.dotmetrics.net
1    20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
9    142.251.12.139 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f139.1e100.net
news.google.com
12    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
25    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
cm.g.doubleclick.net
9    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
15    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    209.191.163.210 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
1    52.55.123.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-123-47.compute-1.amazonaws.com
e1.emxdgt.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
10    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
3    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    202.131.200.82 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-tapi.admatrix.jp
2    3.121.135.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-135-16.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
3    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    54.203.95.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-95-9.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    34.193.201.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-201-64.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
4    13.210.135.68 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    18.155.68.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-80.sin52.r.cloudfront.net
ncg.tags.news.com.au
1    13.33.88.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-108.sin2.r.cloudfront.net
au.audience.newscgp.com
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
3    157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    18.136.162.157 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-162-157.ap-southeast-1.compute.amazonaws.com
newscorpau.demdex.net
2    63.140.48.135 (United States)

ASN16509 (AMAZON-02, US)
metrics.geelongadvertiser.com.au
1    13.250.222.156 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-222-156.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
2    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
9    18.139.47.59 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-47-59.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
1    13.33.30.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-30-231.sin2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    54.159.19.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-19-19.compute-1.amazonaws.com
mfad.inskinad.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
10    104.254.150.241 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
2    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
19    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    18.139.71.162 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-71-162.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    54.192.150.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-93.sin2.r.cloudfront.net
hazhjjquarexmaygh8zt7mw3dmpam1663952797.nuid.imrworldwide.com
1    141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu
lb.eu-1-id5-sync.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
r.turn.com
1    50.116.239.150 (United States)

ASN6336 (TURN-US-ASN, US)
d3273622690172371738-t3810868978671773715.id.amgdgt.com
1    175.41.135.242 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-135-242.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
5    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
www.gstatic.com
fonts.gstatic.com
3    23.78.217.19 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-217-19.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
1    199.127.207.180 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
2    54.251.140.206 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
1    35.171.14.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-14-192.compute-1.amazonaws.com
usermatch.krxd.net
5    34.210.246.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-246-46.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    23.207.37.206 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-37-206.deploy.static.akamaitechnologies.com
tags.bluekai.com
10    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    63.140.36.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-112.data.adobedc.net
edge.adobedc.net
4    52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net
js.adsrvr.org
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
12    142.251.10.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f149.1e100.net
8228261.fls.doubleclick.net
ad.doubleclick.net
s0.2mdn.net
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
5    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
au-gmtdmp.mookie1.com
odr.mookie1.com
4    104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
5    67.199.150.86 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
2    103.71.26.126 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
7    142.250.4.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f113.1e100.net
play.google.com
1    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
3    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
www.googleadservices.com
2    3.126.109.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-109-107.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
1    13.33.33.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-112.sin2.r.cloudfront.net
check.analytics.rlcdn.com
3    74.125.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f154.1e100.net
adservice.google.com
2    119.81.192.134 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
1    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
cm3.adform.net
11    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
googleads.g.doubleclick.net
www.googletagservices.com
8    142.251.10.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f106.1e100.net
www.google.com
3    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
www.google.com.au
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
adservice.google.com.au
2    3.114.17.99 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-17-99.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.78.217.74 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-217-74.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    104.19.173.108 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
4    54.254.175.9 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-175-9.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    54.151.137.171 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-137-171.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    13.250.169.102 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-169-102.ap-southeast-1.compute.amazonaws.com
invoke.bonzai.co
1    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
3    67.199.150.85 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    34.83.125.63 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com
um.simpli.fi
2    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
1    54.178.229.66 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-229-66.ap-northeast-1.compute.amazonaws.com
aa.agkn.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
11    54.192.150.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-125.sin2.r.cloudfront.net
massets.bonzai.co
5    18.141.94.181 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-94-181.ap-southeast-1.compute.amazonaws.com
collector.bonzai.co
2    18.176.21.36 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-21-36.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    23.106.69.72 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
1    104.18.13.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
17    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
pagead2.googlesyndication.com
2    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
www.googletagservices.com
1    142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net
s0.2mdn.net
4    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
googleads4.g.doubleclick.net
2    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
6    13.33.88.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-67.sin2.r.cloudfront.net
dcollector.bonzai.co
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
2    172.64.152.245 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    52.2.211.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-211-96.compute-1.amazonaws.com
fksnk.com
1    150.95.47.241 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-241.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
21    18.233.19.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-19-189.compute-1.amazonaws.com
dt.adsafeprotected.com
1    42.99.140.18 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-18.pacnet.net
code.createjs.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    35.241.45.82 (None, )

ASN- ()
udc-neb.kampyle.com
Apex Domain
Subdomains		 Transfer
53 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 110246
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
ad.doubleclick.net — Cisco Umbrella Rank: 178
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
271 KB
41 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 575
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3496
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
fw.adsafeprotected.com — Cisco Umbrella Rank: 774
dt.adsafeprotected.com — Cisco Umbrella Rank: 527
396 KB
35 googlesyndication.com
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
213 KB
27 google.com
news.google.com — Cisco Umbrella Rank: 5276
play.google.com — Cisco Umbrella Rank: 24
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
75 KB
25 geelongadvertiser.com.au
www.geelongadvertiser.com.au
origin.geelongadvertiser.com.au
subscriptions.geelongadvertiser.com.au
metrics.geelongadvertiser.com.au
838 KB
23 bonzai.co
invoke.bonzai.co — Cisco Umbrella Rank: 186708
massets.bonzai.co — Cisco Umbrella Rank: 193648
collector.bonzai.co — Cisco Umbrella Rank: 181713
dcollector.bonzai.co — Cisco Umbrella Rank: 189481
618 KB
22 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 690
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
image5.pubmatic.com — Cisco Umbrella Rank: 50237
image2.pubmatic.com — Cisco Umbrella Rank: 883
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
image4.pubmatic.com — Cisco Umbrella Rank: 835
simage4.pubmatic.com — Cisco Umbrella Rank: 1191
29 KB
22 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 996
trc.taboola.com — Cisco Umbrella Rank: 697
images.taboola.com — Cisco Umbrella Rank: 1779
sync.taboola.com — Cisco Umbrella Rank: 1037
sync-t1.taboola.com — Cisco Umbrella Rank: 1309
match.taboola.com — Cisco Umbrella Rank: 2758
pips.taboola.com — Cisco Umbrella Rank: 1549
cds.taboola.com — Cisco Umbrella Rank: 1446
205 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
ssum.casalemedia.com — Cisco Umbrella Rank: 1370
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
20 KB
20 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
token.rubiconproject.com — Cisco Umbrella Rank: 667
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3131
eus.rubiconproject.com — Cisco Umbrella Rank: 564
23 KB
19 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
js.adsrvr.org — Cisco Umbrella Rank: 1428
insight.adsrvr.org — Cisco Umbrella Rank: 624
18 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com — Cisco Umbrella Rank: 432
34 KB
16 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
newscorpau.demdex.net — Cisco Umbrella Rank: 66394
20 KB
16 api.news
content.api.news — Cisco Umbrella Rank: 42682
258 KB
13 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 51772
mhr.talk.news.com.au — Cisco Umbrella Rank: 702378
ncg.tags.news.com.au — Cisco Umbrella Rank: 94296
235 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
53 KB
11 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1036
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
2 KB
11 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 60072
83 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
4 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
4 KB
9 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1103
beacon.krxd.net — Cisco Umbrella Rank: 513
cdn.krxd.net — Cisco Umbrella Rank: 1613
consumer.krxd.net — Cisco Umbrella Rank: 2122
91 KB
8 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
126 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
252 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
191 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2458
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6490
hazhjjquarexmaygh8zt7mw3dmpam1663952797.nuid.imrworldwide.com
67 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 70114
au.pixel.newscgp.com — Cisco Umbrella Rank: 128998
au.audience.newscgp.com — Cisco Umbrella Rank: 142688
49 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
129 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 804
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3955
idsync.rlcdn.com — Cisco Umbrella Rank: 331
1 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1967
bs.serving-sys.com — Cisco Umbrella Rank: 1209
lm.serving-sys.com — Cisco Umbrella Rank: 1924
26 KB
4 google.com.au
www.google.com.au — Cisco Umbrella Rank: 24554
adservice.google.com.au — Cisco Umbrella Rank: 97372
2 KB
4 mookie1.com
au-gmtdmp.mookie1.com — Cisco Umbrella Rank: 310341
odr.mookie1.com — Cisco Umbrella Rank: 947
1 KB
4 turn.com
d.turn.com — Cisco Umbrella Rank: 1042
ad.turn.com — Cisco Umbrella Rank: 742
r.turn.com — Cisco Umbrella Rank: 3229
2 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 650
us-u.openx.net — Cisco Umbrella Rank: 396
613 B
4 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 688
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
7 KB
4 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 38507
39 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1002
21 KB
4 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 978457
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
60 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
33 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
306 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 407
1 KB
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3148
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3283
collector.brandmetrics.com — Cisco Umbrella Rank: 3593
17 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1122
id5-sync.com — Cisco Umbrella Rank: 463
18 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4494
udc-neb.kampyle.com
87 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
3 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 826
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1315
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
446 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 734
717 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
1 KB
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com — Cisco Umbrella Rank: 1381
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
57 KB
2 adform.net
cm3.adform.net — Cisco Umbrella Rank: 138604
c1.adform.net — Cisco Umbrella Rank: 637
631 B
2 innity.com
avd.innity.com — Cisco Umbrella Rank: 27685
847 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 563
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
92 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 961
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3623
409 B
2 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 23442
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 877
1 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 16772
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
111 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 15230
6 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 76006
3 KB
2 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 106093
28 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1465
63 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1657
501 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 13173
563 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 128850
393 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4584
609 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1727
349 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
572 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
512 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
656 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4108
392 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1453
181 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
131 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
99 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7004
838 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 511
489 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 29849
698 B
1 amgdgt.com
d3273622690172371738-t3810868978671773715.id.amgdgt.com
386 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1406
lbs.eu-1-id5-sync.com Failed
342 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
463 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
591 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4096
46 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1057
385 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 95675
529 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1308
67 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649
697 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
729 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
2 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1220
201 B
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 83178
3 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 30792
20 KB
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 6003
44 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1317
24 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 884
12 KB
1 pagesuite.com
edition.pagesuite.com — Cisco Umbrella Rank: 94219
57 KB
0 sonobi.com Failed
syd-1-apex.go.sonobi.com Failed
0 mediarithmics.com Failed
cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 1655 Failed
478 104
Domain Requested by
25 cm.g.doubleclick.net 15 redirects www.geelongadvertiser.com.au
googleads.g.doubleclick.net
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
21 dt.adsafeprotected.com www.geelongadvertiser.com.au
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
21 www.geelongadvertiser.com.au 3 redirects www.geelongadvertiser.com.au
17 pagead2.googlesyndication.com eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
tpc.googlesyndication.com
www.geelongadvertiser.com.au
www.googletagservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
16 tpc.googlesyndication.com www.geelongadvertiser.com.au
securepubads.g.doubleclick.net
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
ad.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
16 content.api.news www.geelongadvertiser.com.au
15 dpm.demdex.net 1 redirects www.geelongadvertiser.com.au
tags.news.com.au
ssum-sec.casalemedia.com
13 dsum-sec.casalemedia.com 2 redirects js.adsrvr.org
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
12 match.adsrvr.org 12 redirects
11 massets.bonzai.co invoke.bonzai.co
massets.bonzai.co
www.geelongadvertiser.com.au
11 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.geelongadvertiser.com.au
www.googletagservices.com
11 resourcesssl.newscdn.com.au www.geelongadvertiser.com.au
ts2020-indies-client.web.app
11 tags.news.com.au 1 redirects www.geelongadvertiser.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 sync-tm.everesttech.net 6 redirects www.geelongadvertiser.com.au
10 ib.adnxs.com 5 redirects tags.news.com.au
www.geelongadvertiser.com.au
acdn.adnxs.com
googleads.g.doubleclick.net
10 x.bidswitch.net 9 redirects www.geelongadvertiser.com.au
10 static.adsafeprotected.com bedsberry.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
www.geelongadvertiser.com.au
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
9 simage2.pubmatic.com 2 redirects www.geelongadvertiser.com.au
js.adsrvr.org
ads.pubmatic.com
9 news.google.com 1 redirects subscriptions.geelongadvertiser.com.au
news.google.com
www.geelongadvertiser.com.au
www.gstatic.com
8 www.google.com 2 redirects www.geelongadvertiser.com.au
securepubads.g.doubleclick.net
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 cdn.ampproject.org www.geelongadvertiser.com.au
securepubads.g.doubleclick.net
7 www.googletagservices.com securepubads.g.doubleclick.net
www.googletagservices.com
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
www.geelongadvertiser.com.au
7 play.google.com www.gstatic.com
7 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.geelongadvertiser.com.au
7 pixel.rubiconproject.com 4 redirects www.geelongadvertiser.com.au
6 dcollector.bonzai.co www.geelongadvertiser.com.au
6 s0.2mdn.net www.geelongadvertiser.com.au
s0.2mdn.net
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
6 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.geelongadvertiser.com.au
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
6 trc.taboola.com 1 redirects cdn.taboola.com
www.geelongadvertiser.com.au
6 cdn.taboola.com www.geelongadvertiser.com.au
cdn.taboola.com
5 collector.bonzai.co www.geelongadvertiser.com.au
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
www.geelongadvertiser.com.au
5 image2.pubmatic.com www.geelongadvertiser.com.au
ads.pubmatic.com
5 ups.analytics.yahoo.com 4 redirects www.geelongadvertiser.com.au
5 beacon.krxd.net www.geelongadvertiser.com.au
cdn.krxd.net
5 token.rubiconproject.com 5 redirects
4 googleads4.g.doubleclick.net ad.doubleclick.net
www.geelongadvertiser.com.au
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 secure.adnxs.com 1 redirects www.geelongadvertiser.com.au
4 8228261.fls.doubleclick.net 2 redirects www.geelongadvertiser.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 www.gstatic.com news.google.com
www.gstatic.com
4 fastlane.rubiconproject.com tags.news.com.au
4 au.pixel.newscgp.com au.tags.newscgp.com
4 au-script.dotmetrics.net tags.news.com.au
www.geelongadvertiser.com.au
au-script.dotmetrics.net
4 tags.tiqcdn.com www.geelongadvertiser.com.au
tags.tiqcdn.com
3 ad.doubleclick.net 1 redirects www.geelongadvertiser.com.au
www.googletagservices.com
3 aax-eu.amazon-adsystem.com 2 redirects www.geelongadvertiser.com.au
3 odr.mookie1.com 3 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com tags.news.com.au
ssum-sec.casalemedia.com
js-sec.indexww.com
3 www.google.com.au www.geelongadvertiser.com.au
3 adservice.google.com 8228261.fls.doubleclick.net
securepubads.g.doubleclick.net
3 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
3 insight.adsrvr.org 1 redirects js.adsrvr.org
3 www.facebook.com www.geelongadvertiser.com.au
3 eb2.3lift.com 2 redirects www.geelongadvertiser.com.au
3 u.openx.net 2 redirects www.geelongadvertiser.com.au
3 sync-dsp.ad-m.asia 3 redirects
3 sync-t1.taboola.com www.geelongadvertiser.com.au
3 sync.taboola.com 2 redirects www.geelongadvertiser.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.geelongadvertiser.com.au
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 cdn.krxd.net ad.doubleclick.net
cdn.krxd.net
2 fw.adsafeprotected.com 1 redirects www.geelongadvertiser.com.au
2 gu.dyntrk.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 ad.turn.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 pixel.tapad.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 sync.mathtag.com 2 redirects
2 pixel.quantserve.com 2 redirects
2 eus.rubiconproject.com tags.news.com.au
eus.rubiconproject.com
2 ads.pubmatic.com tags.news.com.au
ads.pubmatic.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 static.criteo.net tags.news.com.au
static.criteo.net
2 avd.innity.com 1 redirects js.adsrvr.org
2 lm.serving-sys.com secure-ds.serving-sys.com
2 sync.search.spotxchange.com 1 redirects www.geelongadvertiser.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 acdn.adnxs.com www.geelongadvertiser.com.au
tags.news.com.au
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 secure-sdk.imrworldwide.com www.geelongadvertiser.com.au
2 ads.playground.xyz tags.news.com.au
www.geelongadvertiser.com.au
2 mfad.inskinad.com tags.news.com.au
ssum-sec.casalemedia.com
2 id5-sync.com tags.news.com.au
cdn.id5-sync.com
2 metrics.geelongadvertiser.com.au tags.news.com.au
2 rtb.mfadsrvr.com 2 redirects
2 ce.lijit.com 1 redirects www.geelongadvertiser.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.geelongadvertiser.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.geelongadvertiser.com.au
assets.vidora.com
2 login.newscorpaustralia.com www.geelongadvertiser.com.au
login.newscorpaustralia.com
2 bedsberry.com www.geelongadvertiser.com.au
bedsberry.com
2 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.geelongadvertiser.com.au
2 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.geelongadvertiser.com.au
1 udc-neb.kampyle.com
1 code.createjs.com s0.2mdn.net
1 simage4.pubmatic.com ads.pubmatic.com
1 trace.mediago.io 1 redirects
1 im.bluevoox.com 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 fksnk.com 1 redirects
1 s.tribalfusion.com eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 r.turn.com eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
1 consumer.krxd.net cdn.krxd.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 px.ads.linkedin.com www.geelongadvertiser.com.au
1 aa.agkn.com 1 redirects
1 um.simpli.fi 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 c1.adform.net ads.pubmatic.com
1 invoke.bonzai.co www.geelongadvertiser.com.au
1 d.adroll.com ssum-sec.casalemedia.com
1 csync.loopme.me ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 js-sec.indexww.com tags.news.com.au
1 adservice.google.com.au securepubads.g.doubleclick.net
1 cm3.adform.net js.adsrvr.org
1 check.analytics.rlcdn.com tags.news.com.au
1 sync.1rx.io www.geelongadvertiser.com.au
1 au-gmtdmp.mookie1.com www.geelongadvertiser.com.au
1 us-u.openx.net www.geelongadvertiser.com.au
1 edge.adobedc.net cdn1.adoberesources.net
1 tags.bluekai.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 dt.scanscout.com 1 redirects
1 fonts.gstatic.com news.google.com
1 image5.pubmatic.com www.geelongadvertiser.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 d3273622690172371738-t3810868978671773715.id.amgdgt.com 1 redirects
1 d.turn.com 1 redirects
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 hazhjjquarexmaygh8zt7mw3dmpam1663952797.nuid.imrworldwide.com www.geelongadvertiser.com.au
1 htlb.casalemedia.com tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 api.rlcdn.com tags.news.com.au
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 au.audience.newscgp.com au.tags.newscgp.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 t.adx.opera.com www.geelongadvertiser.com.au
1 sync.srv.stackadapt.com 1 redirects
1 s.uuidksinc.net www.geelongadvertiser.com.au
1 visitor.omnitagjs.com www.geelongadvertiser.com.au
1 match.taboola.com www.geelongadvertiser.com.au
1 sync-tapi.admatrix.jp 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com www.geelongadvertiser.com.au
1 rtb-csync.smartadserver.com www.geelongadvertiser.com.au
1 bh.contextweb.com www.geelongadvertiser.com.au
1 collector.brandmetrics.com cdn.brandmetrics.com
1 cdn.jsdelivr.net tags.news.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 ping.chartbeat.net www.geelongadvertiser.com.au
1 subscriptions.geelongadvertiser.com.au www.geelongadvertiser.com.au
1 ts2020-indies-client.web.app www.geelongadvertiser.com.au
1 cdn1.adoberesources.net tags.tiqcdn.com
1 cdn.id5-sync.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 mhr.talk.news.com.au www.geelongadvertiser.com.au
1 images.taboola.com www.geelongadvertiser.com.au
1 use.fontawesome.com cdn.taboola.com
1 edition.pagesuite.com www.geelongadvertiser.com.au
1 origin.geelongadvertiser.com.au www.geelongadvertiser.com.au
0 lbs.eu-1-id5-sync.com Failed cdn.id5-sync.com
0 syd-1-apex.go.sonobi.com Failed tags.news.com.au
0 cookie-matching.mediarithmics.com Failed
478 185
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
origin.geelongadvertiser.com.au
R3		 2022-09-20 -
2022-12-19		 3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2021-12-15 -
2022-12-14		 a year crt.sh
edition.pagesuite.com
Amazon		 2022-09-17 -
2023-10-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
bedsberry.com
R3		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-03 -
2022-10-01		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.zprk.io
Amazon		 2021-11-18 -
2022-12-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
web.app
GTS CA 1D4		 2022-08-12 -
2022-11-10		 3 months crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2022-06-11 -
2023-06-11		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
uuidksinc.net
R3		 2022-07-18 -
2022-10-16		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
www.newsconnect.com.au
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
au.audience.newscgp.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
metrics.geelongadvertiser.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
mfad.inskinad.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2022-08-15 -
2022-11-13		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
bs.serving-sys.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-18 -
2022-11-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-09 -
2022-11-11		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.adroll.com
Amazon		 2021-12-18 -
2023-01-15		 a year crt.sh
bonzai.co
Amazon		 2021-11-28 -
2022-12-26		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.bonzai.co
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-07		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh

This page contains 56 frames:

Primary Page: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Frame ID: 3A333F3C6ED4004B189B8876EA46D115
Requests: 197 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=4OspvnspgmBMJamkQ3qR5FUsyivd4tGp&nonce=0KLsx3JMxekzwOfkfnJeGykDBcsJRocw&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: C48124E484B0F1D1D18829ED0A6A73B3
Requests: 3 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EQJ7DM-G-CRK2
Frame ID: 42B4A1AF9240B4F75F43CD9719565EFC
Requests: 21 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: E29115AFDF8B15F1F1966CA482424333
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: F78E6AC339747823747BC08266739917
Requests: 22 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 55ED2AFB20FB8AFBD356B3171F0B0EC6
Requests: 3 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
Frame ID: 64179C1963977603DA243ABDCB14AAC8
Requests: 13 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: BB7FADD0B865D34B7E77C0731F7D39D2
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: CC1DB2AEF46644162F0BDBA221EE45AB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: B6F214A6F7AA2C1A2662FC7A65285DDC
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuNt5yzq_oCFc4ztwAd8JkG8Q;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879
Frame ID: 66CD914B374B4BE37E61FA79AF28005B
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMqOt5yzq_oCFbFRfAodjDgFtw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287
Frame ID: 5B368B40ECF3A0661A5B3777B772EED7
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 02DF930BDB8A3E86FE254CF349678114
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: A80748F63F6491A18D53436DF1375EC3
Requests: 5 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&_origin=0&gdpr=0&gdpr_consent=
Frame ID: AD719F98236A97D137CD8DBB5729E243
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296536&src.rand=[timestamp]
Frame ID: B0EFD0427C63B6CC2BA4B6754B294431
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=879169&seg=9702350&t=2
Frame ID: 387F2AD62A4AA5FAF877ED06AB58F354
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=xmwilhl&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&upid=gwdsao6&upv=1.1.0
Frame ID: 0C9E4EB17341006E6B046D372F4894BF
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&upid=3ausds4&upv=1.1.0
Frame ID: F3F612FE0DF4652CB352227320FC9E2B
Requests: 2 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expiration=1666544800&gdpr=0&gdpr_consent=
Frame ID: 9DE1E81F848AD28E88908EF02EE98F9C
Requests: 1 HTTP requests in this frame

Frame: https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D6b38cf62-f3ea-4952-8c0a-9f3fa1097def
Frame ID: 1E1F441C07C348D33AC3599661F4B59C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Frame ID: 20886D975F60A5154BD447CD5F21DA5C
Requests: 1 HTTP requests in this frame

Frame: https://cm3.adform.net/pixel?adform_pid=3&adform_pc=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&adform_v=1
Frame ID: D7BC5F6AC5719C2F48A656FEB9DC8009
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expiration=1666544800&gdpr=0&gdpr_consent=
Frame ID: 1924FFCCF6CEEF51369C19BDAFA218BF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Frame ID: 132A102F402F8CFDCD5EC26517C962AB
Requests: 1 HTTP requests in this frame

Frame: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6DE98739DBC61FC00C59B6154DBA7A64
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: D2E8AD9E1D9AE81691525659194D7C19
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9EB8ECC6ED3B6EDDDCF0F356903C580E
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: 1B0BFA92EA853B2E3F7CF92F090C51B8
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C91CEA128762A612B91F8F2F02DE6E12
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E1E9DF8A1A1F69EE5F854C4944E58750
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjuPiQxGaI1X0Vyy3SQ8np_CF1umfJISOzGDdKEk2OO5HSv3s69_ixgZRFwwhq7HJwlxIebi1fGhF8KoVx4GCrjHCibiHJ31aDWKwXq3PYlQsDg7k8VXFNU3qiwLuDjZwTA221TkoxZKzn5dj4ccUbRPNxx4J6WqzhGakDxhCkhJslVHByWjPjnx0RTOfiE4PlCIoUTs3IVOAPr2eQ8Zhopldh2By15IOkEZTkTSRVft8iyC9-FhqYOn5ubmxOG74oiFK-83CBiB7lBF_2CwGAh_UJJo94EYfcLuXp7WuPDYx62e4u9DrE24vAMEZ2DWnOeF6wiw1F31dDLdvrZOQT52gr-oXz9qA&sai=AMfl-YQYRwwu2_65xeSXhp6_X2192480-P0fIuJ2mCMPVmD4klM-Gu4_sliCesRY8rMK_YCcWVxIhWM-6uyjatBFh5-PXJTASuKCq2QDkfM8iiwMSnCWwJLtLtVqeyna48w&sig=Cg0ArKJSzAS8VAG2amFcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 89E870521E3A38AD1AC6B30906C0CBB6
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWyFmv9ml1CxIBDTGrmcYwNgO5hr8bHuLUdQPsDp_SIpRQPgmwnK07JSqSGs1-qReppnznUoc5Ya-IVAistdClpGHmDwu9YRX5vkNQ8qp6XWh9WEPGzDQesYBo38XxRqVtqBuO31r8-uPGlt6JlUcoU41ekoiocULEQMMXCY8XROjYE5lb7OOz1MtfQSuW9905FeIkC6C69iND4a8e6BWUGozv3FQ9nRGcXPwi8RLnsXik_7RUpFbOZDmqUQ_oZapybW1kRYQ8myCrOJmjK7beYyuHRy4wCBOQNQk-AWlY5VO-oJhSIM2cFUdL9AMly0GhdahmtizxQ_c15nh94WPiTXpOJx1nOUE&sai=AMfl-YQFZZy2CNSh5Ep80La4FkLrILa1PBoDzdCD-109WkOIHFOr7xa69-VcA1yX2Aez3QvArk0J7kp-3oMEDBYCHNKoIrh1IifmmjVHb-VoSwNPnzMpTtB4_RUgSN5twYE&sig=Cg0ArKJSzBXPXiFtTTTxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F7532DD764C6C448BDEB761956DAC6D2
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 3B7D1F74263332049763CDA60B0CED97
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK6fWUy9sR9i2FsuKf8nqxWBCHE2O0YHSDFEIkO0vu5QsN-nIG1TtiVUVPqCWC_5KiIS6jE-12YIFyVJlb5T1veI0OSTcEaXi5Qc7yJwQb2yaqbW89l6_8lbU2eUs4EgvQNSav5OftWh7SP5MVtH4zN85F3oD3t3aQuz-uqxuWnQ6UsIlfK7nMdXA9bbPJc_knhkw1niLKcKFd3hLi70hKMDDFgl0Hm0uPP57QlZMCjLWv76a6fRm1SQlytXHOfS_iDbcyKoCKoIftZJNS0sHsuazxc-MPbd-Dk0GijxMcGJXNmDuuFuEUTaW2k2U1uLksLucCGU66adsYhUYHla0ITCnZe_sme5E&sai=AMfl-YS67bqlSm53yViHDVgIj4CPR5XQ9ypyK-4OW1zlY3RmD0Ln_XKEMkq7-6oWivFc2Mmb96XFQKM4_HgC9pBGYThJ1xkl7MDPSbkqw-Vfp0f1AYbVxGdmMWBlsHpXxOY&sig=Cg0ArKJSzCBEyBN6cfrJEAE&uach_m=[UACH]&adurl=
Frame ID: 222B113CFDD94A9BF26C56C772EF5779
Requests: 8 HTTP requests in this frame

Frame: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B87308798593478F99647C95D21E29D2
Requests: 22 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6C6A5CB2F41A8283507B7B126461DA88
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6A8F5D5D-CD9F-4374-AA63-A93E537158F6
Frame ID: DFBB0BDB9996B6DCBE3558F26D8401F2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8fee632d-e79f-4400-a24d-1d97c0326103&gdpr=0&gdpr_consent=
Frame ID: CD7FC4CEEBABA1EA302260B209BB30F2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nnwAAAJwOyQN8&gdpr=0&gdpr_consent=
Frame ID: C3AF3F88412430BE56ACD9AD8DCE732B
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404672816&pubOrder=3065307254&cb=1567628727&custom=homepage&custom3=168400271&adsafe_par&impId=16773bff-3b62-11ed-944d-02aa41dfc264
Frame ID: 95EAB1F1FCAE6E70005ED3DE5E21512F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQo-roAhi_mc3TATAB&v=APEucNUpaibyvlzvplOR3f2yqQtFjftXr1qEGsW3Yg4OzayQ5ibej4zm1ZRXQT7uRLTabwJhqsCT1fuCGKqUTHbp7dzZ4ifMiQ
Frame ID: DC46355941F9187E116FBD5AC2F482D9
Requests: 5 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404672819&pubOrder=3065307254&cb=1941731089&custom=homepage&custom3=168400271&adsafe_par&impId=16773c02-3b62-11ed-944d-02aa41dfc264
Frame ID: A37B8F78EFE6C52C8AAC026F0E92C3AF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8554302AB000737F0BFCD5B3F1259194
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404823462&pubOrder=3065307254&cb=220396473&custom=homepage&custom3=168400271&adsafe_par&impId=16773c00-3b62-11ed-944d-02aa41dfc264
Frame ID: 75686FE52B85E0373D081F2AC00A1D92
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7B1395DFB24FC20FD145762C5387ED3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4656BE77DFA7AE1BB87FB27EF8737734
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11225336779930824900/_S22AnywearAnytime_VH_728x90_____.html?e=69&leftOffset=0&topOffset=0&c=RmVSc8cs3g&t=1&renderingType=2&ev=01_247
Frame ID: F31026315DD91DCB21D1FFB5C0F23CE1
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: ECE4BD27AD388DEEBB85AB21BA3DE394
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2FA15B4F9D086909D3EBE0D22A88D40F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2F5125B3086C28D10C5928CF176DA1FC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 453FEF8264CFFD50D8B8AD9F76DF412E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.geelongadvertiser.com.au
Frame ID: A8F6E56162912996FE383D61D384F79E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: C3244706720BB25AEE734B30B39750B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3492780BF9BF860A5B9E505AC68E2E25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA5C5DFF063CDE65A788BAE9E94F81C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Geelong Advertiser | Latest Geelong & Region News | Geelong Advertiser

Page URL History Show full URLs

  1. https://www.geelongadvertiser.com.au/ HTTP 302
    https://www.geelongadvertiser.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.geelongadvertiser.com.au%2f HTTP 302
    https://www.geelongadvertiser.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.a... HTTP 302
    https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

478
Requests

83 %
HTTPS

0 %
IPv6

104
Domains

185
Subdomains

131
IPs

13
Countries

5108 kB
Transfer

13089 kB
Size

183
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.geelongadvertiser.com.au/ HTTP 302
    https://www.geelongadvertiser.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.geelongadvertiser.com.au%2f HTTP 302
    https://www.geelongadvertiser.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2f&16639527891796740908 HTTP 302
    https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663952794449&ns_c=UTF-8&c7=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&c8=Geelong%20Advertiser%20%7C%20Latest%20Geelong%20%26%20Region%20News%20%7C%20Geelong%20Advertiser&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663952794449&ns_c=UTF-8&c7=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&c8=Geelong%20Advertiser%20%7C%20Latest%20Geelong%20%26%20Region%20News%20%7C%20Geelong%20Advertiser&c9=
Request Chain 100
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663952796171 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663952796171
Request Chain 116
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EQJ7DM-G-CRK2
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPHBDazrA_P7d5V4C4l3UHw&google_cver=1
Request Chain 119
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
Request Chain 120
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Request Chain 121
  • https://ce.lijit.com/merge?pid=42&3pid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 125
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=574e972a-fd35-40e1-86c6-9caee590171f
Request Chain 126
  • https://id5-sync.com/s/464/9.gif?puid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=5813278693740145724&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOns7eNUVZjl5uUhH8DU6iy_eEN58NMVgngnvi4Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=8fee632d-e79f-4400-a24d-1d97c0326103&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&ttl=%%TTL%% HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/3/5.gif?puid=3185137231455762506&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/2/6.gif?puid=ded0e195-bc6b-49de-ace2-e5a7fe71ddeb&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/1/7.gif?puid=24E804CDC5B52AF&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEAPd4mrvUSWH6xp2VNx5ThA&google_cver=1
Request Chain 127
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1 HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=57b2e5f1-50ce-4a68-a0bb-c946b788739a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=DN4p-HfXJaWJ-Wg&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6b38cf62-f3ea-4952-8c0a-9f3fa1097def
Request Chain 128
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7a4f73a9-7269-462d-abc4-cea1c0ede64b HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7a4f73a9-7269-462d-abc4-cea1c0ede64b&tbid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&query=taboola_hm%3D7a4f73a9-7269-462d-abc4-cea1c0ede64b&isDirect=0
Request Chain 129
  • https://u.openx.net/w/1.0/sd?id=543998486&val=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=
Request Chain 130
  • https://eb2.3lift.com/xuid?mid=7772&xuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 133
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=xndX1fFvRuFkqKQs3niHs2fR_nE
Request Chain 136
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a54b6a43-1d7e-4f75-ba89-c5e8471b2832
Request Chain 148
  • https://cm.everesttech.net/cm/dd?d_uuid=08314947031694881621094073913528724637 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nnwAAAJwOyQN8
Request Chain 170
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
Request Chain 183
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=5813278693740145724
Request Chain 184
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://d3273622690172371738-t3810868978671773715.id.amgdgt.com/r/telco/tuid/3810868978671773715/duid/3273622690172371738/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D3810868978671773715 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3810868978671773715
Request Chain 185
  • https://token.rubiconproject.com/token?pid=6404&puid=08314947031694881621094073913528724637&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8EQJ7Q9-9-GKD9?gdpr=0
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDgzMTQ5NDcwMzE2OTQ4ODE2MjEwOTQwNzM5MTM1Mjg3MjQ2Mzc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECytxVtIoE7-xYjx82fkiKA&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 191
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Request Chain 194
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nnpaHoO2gg-757ik6gQAA%264781
Request Chain 195
  • https://dt.scanscout.com/ssframework/uid?UIAA=08314947031694881621094073913528724637&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-63dcd6437372c42b9989493928994843
Request Chain 196
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=08314947031694881621094073913528724637&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=08314947031694881621094073913528724637&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 198
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=08314947031694881621094073913528724637 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08314947031694881621094073913528724637
Request Chain 199
  • https://tags.bluekai.com/site/43981?id=08314947031694881621094073913528724637&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 207
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy3nnwAAAJwOyQN8
Request Chain 211
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuNt5yzq_oCFc4ztwAd8JkG8Q;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879
Request Chain 212
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CMqOt5yzq_oCFbFRfAodjDgFtw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287
Request Chain 215
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:s5u42vo&fmt=3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=Nzk2ZjkxZjUtNmMxOS00MzEwLTlkOGUtOTZkY2Y1YmVkM2Qw&gdpr=0&gdpr_consent=&ttd_tdid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&google_gid=CAESEH4rmW6rxk1Jg8Pg_8BbhC0&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3i1W7bZE2uLGvQFksv2QoAt_hmX1i9k-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&_origin=0&gdpr=0&gdpr_consent=
Request Chain 220
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nnwAAAJwOyQN8
Request Chain 222
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nnwAAAJwOyQN8&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nnwAAAJwOyQN8&img=1&__user_check__=1&sync_id=174a709b-3b62-11ed-ac8e-1805dd570507
Request Chain 225
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nnwAAAJwOyQN8&t=2592000&o=0
Request Chain 227
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
Request Chain 248
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=6b38cf62-f3ea-4952-8c0a-9f3fa1097def HTTP 302
  • https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D6b38cf62-f3ea-4952-8c0a-9f3fa1097def
Request Chain 249
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Request Chain 250
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://cm3.adform.net/pixel?adform_pid=3&adform_pc=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&adform_v=1
Request Chain 252
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Request Chain 256
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=2027693333&cv=9&fst=1663952800696&num=1&label=K_nGCNn0y3sQ6PmBhwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&auid=1565954551.1663952800&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=oectY-GVBay-rtoPup-qqAE&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10LU5WaGowNzJrM0xvYldGZWRJTUVkRTNEWS1pbzFEVi01RVdyVkRmSXhDRTVNGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERFMy1ZOWhHZlRRMGVLTXBWNUMzeUNWdGt5a3h2SEFoRkxkQm9QSGtlc21JcXVrbndPTVJqX3Bp HTTP 302
  • https://www.google.com/pagead/1p-conversion/820018408/?random=2027693333&cv=9&fst=1663952800696&num=1&label=K_nGCNn0y3sQ6PmBhwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&auid=1565954551.1663952800&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10LU5WaGowNzJrM0xvYldGZWRJTUVkRTNEWS1pbzFEVi01RVdyVkRmSXhDRTVNGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERFMy1ZOWhHZlRRMGVLTXBWNUMzeUNWdGt5a3h2SEFoRkxkQm9QSGtlc21JcXVrbndPTVJqX3Bp&is_vtc=1&ocp_id=oectY-GVBay-rtoPup-qqAE&cid=CAQSKQCsnQUxawyZXVo_4tevG6z4mfcSkhrOdf-ZCueVIvugUpTHUog3LBPy&random=3706581381&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.com.au/pagead/1p-conversion/820018408/?random=2027693333&cv=9&fst=1663952800696&num=1&label=K_nGCNn0y3sQ6PmBhwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&auid=1565954551.1663952800&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10LU5WaGowNzJrM0xvYldGZWRJTUVkRTNEWS1pbzFEVi01RVdyVkRmSXhDRTVNGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERFMy1ZOWhHZlRRMGVLTXBWNUMzeUNWdGt5a3h2SEFoRkxkQm9QSGtlc21JcXVrbndPTVJqX3Bp&is_vtc=1&ocp_id=oectY-GVBay-rtoPup-qqAE&cid=CAQSKQCsnQUxawyZXVo_4tevG6z4mfcSkhrOdf-ZCueVIvugUpTHUog3LBPy&random=3706581381&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hBeBgvBcykOAxbNSgKXmOZ4dKKF78jmiX1itUpfnO_osv-kG8S7SUnXA54Kk4v6LLXowSJ2TP297T_-aVCWKvzI
Request Chain 273
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5813278693740145724
Request Chain 276
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB&dcc=t
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKhtnjfCqFHNKpauizbVnlA&google_cver=1
Request Chain 278
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy3nnpaHoO2gg-757ik6gQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
Request Chain 279
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5813278693740145724
Request Chain 281
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB
Request Chain 282
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=iuYvbNnifDqR4Cg8ju0waoqxLzuRsC4_3bZGUXTu
Request Chain 313
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8fee632d-e79f-4400-a24d-1d97c0326103&gdpr=0&gdpr_consent=
Request Chain 314
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nnwAAAJwOyQN8&gdpr=0&gdpr_consent=
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ao9dXc2fQ3SqY6k-U3FY9g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 316
  • https://idsync.rlcdn.com/420486.gif?partner_uid=6A8F5D5D-CD9F-4374-AA63-A93E537158F6 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDZBOEY1RDVELUNEOUYtNDM3NC1BQTYzLUE5M0U1MzcxNThGNhAAGg0Ios-3mQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9226d401a513a7a994dd2d893dd3f16049dcda762f7b82fe3002a0c3cb0b8019791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5MjI2ZDQwMWE1MTNhN2E5OTRkZDJkODkzZGQzZjE2MDQ5ZGNkYTc2MmY3YjgyZmUzMDAyYTBjM2NiMGI4MDE5NzkxNDI2YjU0MTdkY2UyMRAAGgwIo8-3mQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5MjI2ZDQwMWE1MTNhN2E5OTRkZDJkODkzZGQzZjE2MDQ5ZGNkYTc2MmY3YjgyZmUzMDAyYTBjM2NiMGI4MDE5NzkxNDI2YjU0MTdkY2UyMRAAGgwIo8-3mQYSBAgCEABCAEoA&google_gid=CAESEDuv0ref2-R0mSfY3YKaqzY&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=d3b190f8-2352-47ac-8620-d93c1afa8445
Request Chain 317
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8fee632d-e79f-4400-a24d-1d97c0326103
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkE4RjVENUQtQ0Q5Ri00Mzc0LUFBNjMtQTkzRTUzNzE1OEY2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENuYaYP786c68KH36c-eHhs&google_cver=1
Request Chain 320
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:27B51453092447D2BF2D47D286C6E8A3
Request Chain 322
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Request Chain 323
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10527164130562359916&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10527164130562359916&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=de7e6ac4-4aca-4e53-84d1-6f296b51a1cd&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10527164130562359916&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232893304283011601118&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10527164130562359916&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 324
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6A8F5D5D-CD9F-4374-AA63-A93E537158F6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-es2C3xhE2uXo1VK9rwYn_jTp91SdjvU-~A&gdpr=0&gdpr_consent=
Request Chain 325
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tQ7AC-YKk12uCMdctA_fCucOl1auW8JWtwROe5Tz
Request Chain 326
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFiMWQwYzU3YmY1NGYwMjBkMjY0OWZmNWM3ODNkMTQ1ODVlZTM4YQ
Request Chain 327
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/i-LExY4hJkePT7hrosRYGA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2032478179009483625
Request Chain 328
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&gdpr=0&gdpr_consent=&expires=30
Request Chain 329
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EQJ7UW-4-7HYR
Request Chain 330
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Av6cIrlxTyW_2uQ-njo8xA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Av6cIrlxTyW_2uQ-njo8xA
Request Chain 331
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aDnM8ovLRLqLI8JgcKAOQw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aDnM8ovLRLqLI8JgcKAOQw
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKEH6uO1EMoKmC9bvVkufDA&google_cver=1
Request Chain 333
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFUUo3VVctNC03SFlS
Request Chain 338
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 341
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28556856.345858790;dc_trk_aid=537689582;dc_trk_cid=178087208;ord=442779201;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28556856.345858790;dc_pre=COfT452zq_oCFdCScAodrpIBrA;dc_trk_aid=537689582;dc_trk_cid=178087208;ord=442779201;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Request Chain 344
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACMvU7GW88AAB40f0rw4g&expiration=1665162403
Request Chain 345
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3810868978671773715
Request Chain 346
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nnwAAAJwOyQN8
Request Chain 347
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=558f1ef6-60c1-98ff-5d1b76c6
Request Chain 349
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_632de7a30454e&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632de7a30454e
Request Chain 350
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5813278693740145724
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
Request Chain 366
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy3nnpaHoO2gg-757ik6gQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA_Epf6MQImB3q6WNDBM9l0&google_cver=1
Request Chain 368
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxMzI3ODY5Mzc0MDE0NTcyNA%3D%3D
Request Chain 400
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEmecvSnkzDFGgsZ3h8y9cU&google_cver=1&google_push=AZmPxg8bqrqJ6spkkb28FMZCUxv2c6sn7aE6xRtYWOVRNIfo_22FmosiCy0sj3Wuq_HyE1fq5git-OD-wr_lWHdoPh0GAdNexVH0EovJP0NhIzswsq1UHZCsuK-NCoWh6M4IQNKVAAxFpXM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzgxMDg2ODk3ODY3MTc3MzcxNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEmecvSnkzDFGgsZ3h8y9cU&google_cver=1
Request Chain 401
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE1QsJMhgH_CLxUeC6ECpPQ&google_cver=1&google_push=AZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlME9PV2Sk62uKHzdx1XA3iDqHY7yCj78v0A7kFJXPSNofsd&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlME9PV2Sk62uKHzdx1XA3iDqHY7yCj78v0A7kFJXPSNofsd%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE1QsJMhgH_CLxUeC6ECpPQ&google_cver=1&google_push=AZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlME9PV2Sk62uKHzdx1XA3iDqHY7yCj78v0A7kFJXPSNofsd&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlME9PV2Sk62uKHzdx1XA3iDqHY7yCj78v0A7kFJXPSNofsd%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 402
  • https://fksnk.com/cs/google?google_gid=CAESEA6uJGO4KEBokBFmgX3Ga2s&google_cver=1&google_push=AZmPxg-XboZPkilu-0uuw9QfTayk5mWtS8invDGoEdtowvKCgmLyMmeeBtkY2HsQWDkjT3F88U19wIiTvrPfaNTHF4jWFUjBLB7e9L3gowLHzpyf7BrxGlQVMwDp2qITCrNCk3cnQGVqw7o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEIwNjI1ODU3NTA4OUFGRQ==
Request Chain 403
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESELTyrPaAkJz-qdBHAuHlgcg&google_cver=1&google_push=AZmPxg9S-bm-QNVho_4mESfZ3QGmev8sXZGDPKpYdpH-fjD_tGAS5cxpA1Ky4KCKPPjit6w_Gq01oE_dQryH5nXrKes9_noBJ3OJIzvIQNUUhKRU9h-wd9B5pUee7MPHTw8gE930W3BUQ0wq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg9S-bm-QNVho_4mESfZ3QGmev8sXZGDPKpYdpH-fjD_tGAS5cxpA1Ky4KCKPPjit6w_Gq01oE_dQryH5nXrKes9_noBJ3OJIzvIQNUUhKRU9h-wd9B5pUee7MPHTw8gE930W3BUQ0wq
Request Chain 404
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAan0ZMslXtawj43_XAhsOc&google_cver=1&google_push=AZmPxg8lKrpEDQdJII7vnDMJPG5g6aRw1r6m47WcYOUMlAgNFSNPTcDuYWMaoRd4eVe0AX_AoQBuulU4Nch3V7kTeS79QFmKp8ccl78yA1I32giqx4yPlrqBhxHRUGB2QFPJDP_OTxUZJk4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQxNTQyMDg4NDkxNzM3Mzc2NDk1Ng%3D%3D&google_push=AZmPxg8lKrpEDQdJII7vnDMJPG5g6aRw1r6m47WcYOUMlAgNFSNPTcDuYWMaoRd4eVe0AX_AoQBuulU4Nch3V7kTeS79QFmKp8ccl78yA1I32giqx4yPlrqBhxHRUGB2QFPJDP_OTxUZJk4
Request Chain 405
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEDtPKRU2M82E0xCAhREyBeE&google_cver=1&google_push=AZmPxg8IYbEQ5YR-2gn6sXInuW1i5_meMTwB29zyGC9yQDcTe8t-PcCeZCoxKZ-T4DRtmAmDADXwDt3Bel7ZVc1nNwAc1LZJXdTmQUXtdp5_5iiY1aUYunIg4t4fL_aG_8zVjRI4LbbTEAlE2w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg8IYbEQ5YR-2gn6sXInuW1i5_meMTwB29zyGC9yQDcTe8t-PcCeZCoxKZ-T4DRtmAmDADXwDt3Bel7ZVc1nNwAc1LZJXdTmQUXtdp5_5iiY1aUYunIg4t4fL_aG_8zVjRI4LbbTEAlE2w&google_hm=QlMuZTMyNC01ZGZmLTQ1YWYtOTkwYg==
Request Chain 406
  • https://trace.mediago.io/cs/google?google_gid=CAESEMp0cOSylcc42JGygfOA73E&google_cver=1&google_push=AZmPxg_4rp_-4DcoOsF48w56i_7I3Ls60A3TnWfuxdPYoKkeRIoTCvFD4DxWO5aLi6Yw50-A61HgyJ8hX4PqXVXpjAl2OqOyMhFtObw-BTeuc8GWuxjMgFbF3op1CcowZJn6iVac4DnHX5V_BQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_4rp_-4DcoOsF48w56i_7I3Ls60A3TnWfuxdPYoKkeRIoTCvFD4DxWO5aLi6Yw50-A61HgyJ8hX4PqXVXpjAl2OqOyMhFtObw-BTeuc8GWuxjMgFbF3op1CcowZJn6iVac4DnHX5V_BQ&google_hm=YTA3ZTM4ZTc2NWVmZTU2OWY3ZDgxNjRkNTk5ZDQ1MWI=
Request Chain 439
  • https://fw.adsafeprotected.com/rfw/st/1179759/65813174/skeleton.js?ias_dspID=3&ias_campId=1009193284&ias_pubId=pub-9172700587175332&ias_chanId=1&ias_placementId=18349508807&bidurl=https://www.geelongadvertiser.com.au/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jjC-6O3hAXaiymdqPxxCfH&adsafe_url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Feff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Feff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e9e0cb88-c22b-e334-8c5c-b7b46ef75a5c,c:p3FLH8,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5b8fc68f79-wlf6f,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:1271,mot:0,app:0,maw:0,fm:tihio8B+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s*.1179759-65813174%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1s*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:1281,oid:19193736-3b62-11ed-8ec1-86980a66f61a,v:19.8.352,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

478 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.geelongadvertiser.com.au/
Redirect Chain
  • https://www.geelongadvertiser.com.au/
  • https://www.geelongadvertiser.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.geelongadvertiser.com.au%2f
  • https://www.geelongadvertiser.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2f&16639527891796740908
  • https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
514 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
0849e192d412d9aefaef3111bf3b0bf859a01b47980780b863b5dbaa647129af
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 17:06:33 GMT
expires
Fri, 23 Sep 2022 17:06:33 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.geelongadvertiser.com.au%2f%3fnk%3d08894a8a6f66376158817cd1139ca11b-1663952789&blaizehost=cdn.geelongadvertiser.newscorp.blaize.io&content_id=&session=08894a8a6f66376158817cd1139ca11b
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Fri, 23 Sep 2022 17:06:29 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
expires
Fri, 23 Sep 2022 17:06:29 GMT
location
https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
css-metro-desktop-lazy.css
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=24
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:33 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 23:57:16 GMT
server
nginx
etag
"632118dc-37"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 17:06:37 GMT
cache-control
max-age=4
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.geelongadvertiser.com.au/
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
860D34F77BA38487
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=520525
accept-ranges
bytes
content-length
11472
x-amz-id-2
avoTC2NKXkFw+HDvHrePN6/PXxdphINr2BHhbeU2Oasu30p5/MYwzidASRl9PT/0Mkio9qISG1A=
expires
Thu, 29 Sep 2022 17:41:59 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.geelongadvertiser.com.au/
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
45848B4AA7DC4868
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=251820
accept-ranges
bytes
content-length
12052
x-amz-id-2
romzxQzdw/EtyocjUv4Yb6IcUsxbsLC7IQJ97xaM37jA51fZfXYpM06R7S477KI+0aMA0Ss1vmw=
expires
Mon, 26 Sep 2022 15:03:34 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.geelongadvertiser.com.au/
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
FCF8ADA632D198B8
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=273942
accept-ranges
bytes
content-length
12440
x-amz-id-2
oeWzK3mopSMujwtL4cRr1jOkMCPYw86/if2l0DxfKQNugjCKoJ/BqmH/IUhd6DFZeNfsRtzp7sM=
expires
Mon, 26 Sep 2022 21:12:16 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.geelongadvertiser.com.au/
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
672844A1B3106FB7
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=283352
accept-ranges
bytes
content-length
11372
x-amz-id-2
2alR77jGZWXsneIpClUvKuJGmhvAzwUDvDwC+wP208/mw29141aR1CtRyJ8TmEJ5twsRek77oP4=
expires
Mon, 26 Sep 2022 23:49:06 GMT
ipad-interface.js
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75dc72f6edfcab5e5275c992c7f55f8f1ac3764db858c3d5babd39a7efb01add
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:33 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
nrt2 0 2 9980
last-modified
Tue, 13 Sep 2022 04:25:05 GMT
server
nginx
etag
W/"63200621-879"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 17:07:25 GMT
cache-control
max-age=52
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c25bfbbf57399794e2238727d4d7c9d681c86879e54d9950ab92bf0b34c9f7bd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:33 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
2968
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 23:57:16 GMT
server
nginx
etag
W/"632118dc-1dbd"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 17:06:46 GMT
cache-control
max-age=13
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:33 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
bom1 0 2 9980
last-modified
Thu, 25 Aug 2022 05:00:32 GMT
server
nginx
etag
W/"630701f0-2b9b"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 17:32:45 GMT
cache-control
max-age=1572
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.geelongadvertiser.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:33 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
nrt2 0 2 9980
last-modified
Thu, 11 Aug 2022 03:36:50 GMT
server
nginx
etag
W/"62f47952-7b68"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 17:06:34 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.geelongadvertiser.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:33 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
nrt2 0 2 9980
last-modified
Thu, 11 Aug 2022 03:36:50 GMT
server
nginx
etag
W/"62f47952-b62"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 17:06:34 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-geelongadvertiser/ 		241 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-geelongadvertiser/loader.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e28500bb610d2011d0b0cdef24277a95b9d73a9795604745f89eb837b42b531c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
eTP8otHYbeDSgRQMvuNRof9xW2oDo6t7
content-encoding
gzip
etag
"0b48b62eb3827b6967f882f12180154b"
age
99
x-cache
HIT
content-length
34565
x-amz-id-2
gKgnC3C+eVfdesQW7NoZLT/+98HeFUNHat+WmFsqJG/se3LeW3cz+nJyNUC7Kz2/vS84Yjs+r44=
x-served-by
cache-mel11247-MEL
last-modified
Thu, 22 Sep 2022 14:34:03 GMT
server
AmazonS3
x-timer
S1663952794.814256,VS0,VE1
date
Fri, 23 Sep 2022 17:06:33 GMT
vary
Accept-Encoding
x-amz-request-id
Z82DJFVG0QB3V1J0
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
94
x-cache-hits
1
geelongadvertiser.svg
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/geelongadvertiser.svg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8cbf227c1580348e4e511063501bd522bdaf596921965d05dcf405c181271219
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:33 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
6350
x-rq
sin1 0 2 9980
last-modified
Mon, 12 Sep 2022 06:51:56 GMT
server
nginx
etag
W/"631ed70c-3f60"
vary
User-Agent
content-type
image/svg+xml
expires
Wed, 19 Oct 2022 04:15:02 GMT
cache-control
max-age=2200109
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.geelongadvertiser.com.au/
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
824AAF5D7C0E0974
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=269785
accept-ranges
bytes
content-length
16112
x-amz-id-2
LDS87NWE3p8Bf+ymF030ghyvwjGWym7M5yduBJ56RLFeb0aFTHNCTDY/I5zLPadlPQo1o3bRwgE=
expires
Mon, 26 Sep 2022 20:02:59 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.geelongadvertiser.com.au/
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
3E6B2297214AA067
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=295813
accept-ranges
bytes
content-length
15948
x-amz-id-2
8rg52AGuxUjHGXXwxM7ePrOb1OYoH8V9AI8x2HUGqAxDPspN2Dfg0mzOwzWG52GBm2xL2knaIxM=
expires
Tue, 27 Sep 2022 03:16:47 GMT
408a3915916c543326a1914a2b067d57
content.api.news/v3/images/bin/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/408a3915916c543326a1914a2b067d57?width=1024
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
82fbc67349f866be3e601fea8f13d8827b9ca8c46d2387f2f737b6388a57f64f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
408a3915916c543326a1914a2b067d57
date
Fri, 23 Sep 2022 17:06:33 GMT
last-modified
Fri, 23 Sep 2022 07:00:31 GMT
server
Akamai Image Manager
etag
13de57993c991c5be0195e6bfc974cb2-408a3915916c543326a1914a2b067d57-1024
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5147644
access-control-allow-headers
x-newsapi-api-key
content-length
53887
expires
Tue, 22 Nov 2022 07:00:37 GMT
167c4454d23bb64fa2efab7070b4b664
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/167c4454d23bb64fa2efab7070b4b664?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7be34a0d538a57cebcb7648c62003d30426198fc4fe9d0203e5456558e06544f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
167c4454d23bb64fa2efab7070b4b664
date
Fri, 23 Sep 2022 17:06:33 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
8ff1c4dd64141155dad674eff21c52c1-167c4454d23bb64fa2efab7070b4b664-150
x-serial
1725
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5135114
last-modified
Fri, 23 Sep 2022 03:30:43 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
3777
expires
Tue, 22 Nov 2022 03:31:47 GMT
14a20467ebfd91b8d5fd9847be71e4f8
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/14a20467ebfd91b8d5fd9847be71e4f8?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1a4ac30d3c426134d6354a2407d4a9f8696b2f79ca8021714a8a2c87625ba4d6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
14a20467ebfd91b8d5fd9847be71e4f8
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Fri, 23 Sep 2022 06:07:45 GMT
server
Akamai Image Manager
etag
ae7c14c384ad8da5e2ca6ae0ca383eee-14a20467ebfd91b8d5fd9847be71e4f8-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5144447
access-control-allow-headers
x-newsapi-api-key
content-length
6391
expires
Tue, 22 Nov 2022 06:07:21 GMT
d1bfa9986ff1374f577f0626e5182b8a
content.api.news/v3/images/bin/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d1bfa9986ff1374f577f0626e5182b8a?width=650
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5f3b623c07cc006c4f38ae26cfdc31ed8e344ca57a86670c308e98bf958184c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
d1bfa9986ff1374f577f0626e5182b8a
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Fri, 23 Sep 2022 15:31:34 GMT
server
Akamai Image Manager
etag
2a55252ceb135ff945a8bdd9ec6a4c84-d1bfa9986ff1374f577f0626e5182b8a-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5178339
access-control-allow-headers
x-newsapi-api-key
content-length
33876
expires
Tue, 22 Nov 2022 15:32:13 GMT
d7c9856137d75a8e8ddf79c41e902d8b
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d7c9856137d75a8e8ddf79c41e902d8b?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
22d81786f15b35bde59e0ea8903a154056981094b970d6a9480c2c9d2ffe2f20

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
d7c9856137d75a8e8ddf79c41e902d8b
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Fri, 23 Sep 2022 15:33:29 GMT
server
Akamai Image Manager
etag
a51845098098606edfae534d00d22d13-d7c9856137d75a8e8ddf79c41e902d8b-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5178404
access-control-allow-headers
x-newsapi-api-key
content-length
5504
expires
Tue, 22 Nov 2022 15:33:18 GMT
dd20d0b15345aa0542ddf4cf916255e2
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/dd20d0b15345aa0542ddf4cf916255e2?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c130a53c2ee07a211e7562f303463b755514397b79f6799acfde02e0d6a03f02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
dd20d0b15345aa0542ddf4cf916255e2
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Fri, 23 Sep 2022 06:13:02 GMT
server
Akamai Image Manager
etag
40180da7541724f485a2f661748cd6e8-dd20d0b15345aa0542ddf4cf916255e2-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5144790
access-control-allow-headers
x-newsapi-api-key
content-length
5535
expires
Tue, 22 Nov 2022 06:13:04 GMT
9f166b75f342ff97ff07c8dfb32f401f
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9f166b75f342ff97ff07c8dfb32f401f?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
91f4ba84dc2d07b7a3de1ceba71429d81d31b16a9363d3e19bf5430759a2d6f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
9f166b75f342ff97ff07c8dfb32f401f
date
Fri, 23 Sep 2022 17:06:34 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
5c8719ac65c8edc7964ef65d388298d5-9f166b75f342ff97ff07c8dfb32f401f-150
x-serial
1173
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5146730
last-modified
Fri, 23 Sep 2022 06:45:46 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5251
expires
Tue, 22 Nov 2022 06:45:24 GMT
56a58aceb845ea743e7daa3aad69eb89
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/56a58aceb845ea743e7daa3aad69eb89?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
85804527fb3534fab3b0ef6db244e65e64b5772ab1a4422e70a884a9b3922027

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
56a58aceb845ea743e7daa3aad69eb89
date
Fri, 23 Sep 2022 17:06:34 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
2691c8b7e162b3587f155fca9e2724ef-56a58aceb845ea743e7daa3aad69eb89-150
x-serial
708
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5172960
last-modified
Fri, 23 Sep 2022 14:03:00 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
4889
expires
Tue, 22 Nov 2022 14:02:34 GMT
1e7b3fcfee6be260c06a225aed623d8a
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1e7b3fcfee6be260c06a225aed623d8a?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d850b578c978624e308887cde7afa3721989c6eb1559de6893396081dc9e926e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
1e7b3fcfee6be260c06a225aed623d8a
date
Fri, 23 Sep 2022 17:06:35 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
2e2443277983ccb473319afe2cd3696f-1e7b3fcfee6be260c06a225aed623d8a-150
x-serial
641
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5133419
last-modified
Fri, 23 Sep 2022 03:05:33 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
4044
expires
Tue, 22 Nov 2022 03:03:34 GMT
74b718238e9e954978d995e18678ed0e
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/74b718238e9e954978d995e18678ed0e?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
52d116ed6307a42cebd5bc05e8c0e9ce8f6197a077a227f7cae462fa669aa19c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
74b718238e9e954978d995e18678ed0e
date
Fri, 23 Sep 2022 17:06:35 GMT
last-modified
Fri, 23 Sep 2022 04:17:56 GMT
server
Akamai Image Manager
etag
37edc17662d2d53e5a453748d830f0e2-74b718238e9e954978d995e18678ed0e-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5137766
access-control-allow-headers
x-newsapi-api-key
content-length
3564
expires
Tue, 22 Nov 2022 04:16:01 GMT
4d2f7f21a754c3effef8e05833090002
content.api.news/v3/images/bin/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/4d2f7f21a754c3effef8e05833090002?width=650
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fbbd7cd3a5c7813105a07ebca16233e6823550e27ae0ef5a4e486ae372651962

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
4d2f7f21a754c3effef8e05833090002
date
Fri, 23 Sep 2022 17:06:33 GMT
last-modified
Fri, 23 Sep 2022 06:30:23 GMT
server
Akamai Image Manager
etag
fd6f36db5287e6660f7512136ebbab58-4d2f7f21a754c3effef8e05833090002-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5145723
access-control-allow-headers
x-newsapi-api-key
content-length
47308
expires
Tue, 22 Nov 2022 06:28:36 GMT
6a3690503c4d3761ddff243b46129cd8
content.api.news/v3/images/bin/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/6a3690503c4d3761ddff243b46129cd8?width=650
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4ccc3c14158e5399f119d8624d63cb18759c66bf2a2237e76b82bc4df89aea44

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
6a3690503c4d3761ddff243b46129cd8
date
Fri, 23 Sep 2022 17:06:34 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
5eee299b66cefa8eb31fd6638c00805c-6a3690503c4d3761ddff243b46129cd8-650
x-serial
1420
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5145489
last-modified
Fri, 23 Sep 2022 06:27:37 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
29314
expires
Tue, 22 Nov 2022 06:24:43 GMT
b6229911f7770ccd89cd4a79c1081304
content.api.news/v3/images/bin/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b6229911f7770ccd89cd4a79c1081304?width=650
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1f679a76fc3e51afef018d771da8d3df5d9c6842b4379d799e81ca22972438ea

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
b6229911f7770ccd89cd4a79c1081304
date
Fri, 23 Sep 2022 17:06:35 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
36bc13235924d581ebd1da002ce384cd-b6229911f7770ccd89cd4a79c1081304-650
x-serial
821
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5108220
last-modified
Thu, 22 Sep 2022 20:04:14 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
35750
expires
Mon, 21 Nov 2022 20:03:35 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
DD1C00137D88A30F
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=347427
accept-ranges
bytes
content-length
540
x-amz-id-2
rw9PfkM1p5l8SWgST9svZB024f8TQMKKOHg+sl20E7+7O+88haBQCFi9wjZuqC0ob64b+2TmWtk=
expires
Tue, 27 Sep 2022 17:37:01 GMT
Bob-Placement-350x197-1.png
origin.geelongadvertiser.com.au/wp-content/uploads/2022/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.geelongadvertiser.com.au/wp-content/uploads/2022/07/Bob-Placement-350x197-1.png
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.86 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f113e0743984ad398a7f12b9eb887f51bbf3d399d0a17b9e9d81e4643ff982f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
x-rq
syd3 118 20 443
last-modified
Wed, 21 Sep 2022 09:14:20 GMT
server
nginx
etag
"a0f28c5f2c1ce8cc"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17250
expires
Thu, 21 Sep 2023 09:14:20 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.132.218 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:06:35 GMT
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
PCVH53R347JFKJX0
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
zggYpV6I/ruaPU4RNXmo0cqWJI4xU1ZNHxYomCnXprVeOqMHf1KuP3cjR0M7s4ZxRCqLxGyqvFE=
games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.132.218 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:06:35 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
PCVV44Y1KZ4JFTFF
ETag
"2fa79b1c302fa407df95b287a47e01bc"
Content-Type
image/svg+xml
x-amz-version-id
mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges
bytes
Content-Length
4533
x-amz-id-2
FzKNeyQPz2G9wn+XdnrJbn6aP9C5InKnG6f+akjNL32p18OhTH2HT7cOLXiFPPnhbwXoKNwCVIc=
horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.132.218 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:06:35 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
PCVPQHADM5WPA806
ETag
"e9dc4230a2305a0cb7743e2ade763349"
Content-Type
image/svg+xml
x-amz-version-id
NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges
bytes
Content-Length
9223
x-amz-id-2
NL/y+2JR2thCsPPb4YI8iwaO+Lm1XT2o+iqtqHxb1oeXZopEQjaFPPQlJyEOwyzzztLWEZSwd/I=
braingains.svg
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/braingains.svg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.132.218 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:06:35 GMT
Last-Modified
Wed, 15 Dec 2021 03:04:45 GMT
Server
AmazonS3
x-amz-request-id
PCVNN5KSZJTD3PNB
ETag
"a5e3e51d1e5816755ebf71f5ea933857"
Content-Type
image/svg+xml
x-amz-version-id
BSPbSueNKMvcQ7CCwOmuub6mQNodfiBJ
Accept-Ranges
bytes
Content-Length
17305
x-amz-id-2
TJle/KqFJ3au+6I0qHQhHt15wvMJwErAdp+YmMkxmc3Rfsz7QkpIWSumSZsvVbfig4feLdPvTtA=
get_image.aspx
edition.pagesuite.com/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edition.pagesuite.com/get_image.aspx?pbid=cba2fc72-2ad9-401a-aa88-61280cdb853e&h=400
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-68.sin2.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0bdcf9fc4b88b33c29765b4b8e8d0d513b1441e9bf4081970364be14eecc0d64

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:05:24 GMT
via
1.1 d8bc31f1690f46d533b518410accf19e.cloudfront.net (CloudFront)
last-modified
Thu, 22 Sep 2022 19:47:17 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
age
70
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
private
x-amz-cf-pop
SIN2-C1
x-amz-cf-id
xxwKssaG8cQNqrwfG6QzOlbnB2n6Wx5BMGG8eFsJQlG7QMOITwepFg==
geelongadvertiser-white.svg
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/geelongadvertiser-white.svg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6e1fb131ab4c88c0be1d2f5103fb9348e999a77cb8f31f1e7d6c6729e62463bd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:33 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
6450
x-rq
sin1 0 2 9980
last-modified
Mon, 05 Sep 2022 02:42:35 GMT
server
nginx
etag
W/"6315621b-3f70"
vary
User-Agent
content-type
image/svg+xml
expires
Tue, 11 Oct 2022 11:54:55 GMT
cache-control
max-age=1536502
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 17:06:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"5092a440102d6488"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 17:06:34 GMT
/
www.geelongadvertiser.com.au/_static/ 		98 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmbGFmYWFmVEWAK/IIi4=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-rq
sin1 0 2 9980
vary
User-Agent
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
nginx
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Fri, 23 Sep 2022 17:06:34 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type
application/javascript
cache-control
max-age=4
is-https
true
x-opw
4
content-length
100749
expires
Fri, 23 Sep 2022 17:06:38 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:33 GMT
cache-control
max-age=58961
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
6D458CEDB3A3065E
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=330604
accept-ranges
bytes
content-length
535
x-amz-id-2
/ghuEfMYzVdT1HJA2HRm/ArOAD89cBLwGgiDohyXIuBCPXr8PnTVaKmMG020A+n1ERKq2VbH7d4=
expires
Tue, 27 Sep 2022 12:56:38 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.geelongadvertiser.com.au/
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
WJZFEKAV868PAH3T
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=260452
accept-ranges
bytes
content-length
586
x-amz-id-2
x7cUc8K3Nqvio5k2oj1hKPhGLOKKDlc9ZZdthM7JCSCOze+2jTSszuZIE8Pw/taK8sWkxeTtWhM=
expires
Mon, 26 Sep 2022 17:27:26 GMT
impl.20220922-16-RELEASE.js
cdn.taboola.com/libtrc/ 		687 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-geelongadvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
82098b75569948cc99fb49df0a4ec6f6e73a9e4e9b6937db3d8ba4516e281b14

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
vxfwVx6TpyMPFLnFtWbQr0NTQV9l9vZw
content-encoding
br
etag
"b6247ec22fba797cf6f51ae4c86a6509"
age
10132
x-cache
HIT
content-length
145469
x-amz-id-2
bSDC5i5y4M9CgzULBRUJ5gXgvJx+926zW+8Df6uxcRcjM2qh7Zlx603bLURyRMN9JOHvIwDjU8s=
x-served-by
cache-mel11247-MEL
last-modified
Thu, 22 Sep 2022 14:17:37 GMT
server
AmazonS3-br
x-timer
S1663952794.970771,VS0,VE0
date
Fri, 23 Sep 2022 17:06:33 GMT
vary
Accept-Encoding
x-amz-request-id
PCY1T23CYH4NX8SA
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
4
x-cache-hits
1876
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-geelongadvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-55.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:36:31 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
18033
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
UzZcVQyM9igsTPvP_IvPjWfAxmNeyGpvas6BayzINk45pgoPgsLjZw==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-geelongadvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.geelongadvertiser.com.au/
Origin
https://www.geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1046830
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
31NFQXEVQ27BWY92
x-amz-id-2
csLVKp+JlYXlxACew7TY7OLZ/yoNYwTsKfiyzoPb2KmZghi02BMmfkdcg21/WbRkF+RE4dfrvtY=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boIvSH%2BFZfuCBrDghMoE9EEH3nXcjfDJ9VUYi21GNr3zribwBFRoAymKCFIEyJm%2F%2F9z7zFN9THwUR843EawRcjHzzHNIDiZY8BfuSgLdpHr5rlcHVwJvjj0JCOycJ0n7RaPJRSMb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
74f4df254c4f5ab8-MEL
v2dha8x5YmVUXpLkiUfCys-nHRm3P6Re27YeLE9OuvP_l7wEkOFK-sTs4
bedsberry.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2dha8x5YmVUXpLkiUfCys-nHRm3P6Re27YeLE9OuvP_l7wEkOFK-sTs4
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.46.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
16.46.160.34.bc.googleusercontent.com
Software
/
Resource Hash
04271fbb61d53d2fe9837ce7053cc5138cb2da2f18d364bb026c790610d73e7f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-asia-east1
etag
"7dfca259dd3e4acf727daaffc6c599979779027c2aa78f0ad518a592f90c7a28"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-89bf
content-type
text/javascript; charset=utf-8
via
1.1 google
cache-control
private, must-revalidate, max-age=21600
date
Fri, 23 Sep 2022 17:06:34 GMT
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
trc.taboola.com/newscorpau-aud-geelongadvertiser/trc/3/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-geelongadvertiser/trc/3/json?tim=17%3A06%3A34.388&lti=deflated&data=%7B%22id%22%3A419%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1663857220499%2C%22vi%22%3A1663952794385%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.geelongadvertiser.com.au%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.geelongadvertiser.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.geelongadvertiser.com.au%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A12528%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1831.765625%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
396d53b9286fa651510b311b1a94c84e67aba276450d334e75893329dab19d7f

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
117
date
Fri, 23 Sep 2022 17:06:34 GMT
content-encoding
gzip
server
nginx
x-timer
S1663952794.433772,VS0,VE117
x-served-by
cache-mel11247-MEL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.geelongadvertiser.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
css-metro-desktop-lazy.css
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=24
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 23:57:16 GMT
server
nginx
etag
"632118dc-37"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 17:06:37 GMT
cache-control
max-age=3
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.geelongadvertiser.com.au/remote/identity/rampart/latest/ 		277 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
vary
User-Agent, Accept-Encoding
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=1724
date
Fri, 23 Sep 2022 17:06:34 GMT
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 23 Sep 2022 17:35:18 GMT
js-metro-desktop-lazy.js
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=24
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8189b423ab0098619e47b27fad28ed6e28457aadfe234403feb1ae9d21478909
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
25706
x-rq
sin1 0 2 9980
last-modified
Wed, 21 Sep 2022 06:44:57 GMT
server
nginx
etag
W/"632ab2e9-14ad1"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 17:07:08 GMT
cache-control
max-age=34
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=24
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 23:57:16 GMT
server
nginx
etag
W/"632118dc-1973"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 17:07:10 GMT
cache-control
max-age=36
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 17:06:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"5092a440102d6488"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 17:06:34 GMT
amp-story-player-v0.js
cdn.ampproject.org/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a3c9728730ffd33b100a65dc3ddcaf6632aa1667694acc96c29851c2acd32bb1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16103
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 17:06:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"0b0dda3fb8e87947"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 17:06:34 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663952794449&ns_c=UTF-8&c7=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&c8=Geelong%20Advertiser%20%7C%20Lat...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663952794449&ns_c=UTF-8&c7=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&c8=Geelong%20Advertiser%20%7C%20La...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663952794449&ns_c=UTF-8&c7=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&c8=Geelong%20Advertiser%20%7C%20Latest%20Geelong%20%26%20Region%20News%20%7C%20Geelong%20Advertiser&c9=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-55.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
H8CF3SX2H3tZs-HWeyp0ZUkRygCcGZXWyP-OToRnuCVqhW0gl5JoIw==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663952794449&ns_c=UTF-8&c7=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&c8=Geelong%20Advertiser%20%7C%20Latest%20Geelong%20%26%20Region%20News%20%7C%20Geelong%20Advertiser&c9=
date
Fri, 23 Sep 2022 17:06:34 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
Q9iPJzV_PRCZh-WiQs6xyWzQwAPkOdU2-wvPewgKrdXJB6QW69_naA==
x-cache
Miss from cloudfront
userx.20220922-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220922-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-geelongadvertiser/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3b9d32c29984765d47e9ecfa9f9a0318adda7920b4d8fde67b965a1161b03b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
Rop466o8w3GHuGp.qUtcSOWXpJVjStIH
content-encoding
gzip
etag
"db9444e762c7677565a6ea28981b5bc1"
age
119
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
0W6G6aYZ6dR6C1tEjVDjZIGhmXYvhlIYmnAvhiF48h4shAx15BVzWqQbtO65e2h4A31cdlMAQ5Y=
x-served-by
cache-mel11247-MEL
last-modified
Thu, 22 Sep 2022 14:24:10 GMT
server
AmazonS3
x-timer
S1663952795.656854,VS0,VE0
date
Fri, 23 Sep 2022 17:06:34 GMT
vary
Accept-Encoding
x-amz-request-id
0276HYZP7F8ED2G2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
72
x-cache-hits
3
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/ 		433 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
via
1.1 varnish
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
age
1808
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
3ttqq881QQXUSxQy4Ixj9WBENXbbKDlICk7ZijB4/1F94cx67WAbwO8vaP5M4qVY7YB2q0FKAD8=
x-served-by
cache-mel11247-MEL
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1663952795.656830,VS0,VE0
date
Fri, 23 Sep 2022 17:06:34 GMT
x-amz-request-id
10PM2F0SSEQTDN1M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
72
x-cache-hits
3
Ampol-TruckD-CR-TN-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/09/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/09/Ampol-TruckD-CR-TN-1.jpg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1c4008b51bbe867de90ac3952e411eecf72b3a397efd426daffdbf245b725420

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 23 Sep 2022 17:06:34 GMT
via
1.1 varnish, 1.1 varnish
age
183815
edge-cache-tag
624579379047860382018506181001673838349,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
cache-tag
624579379047860382018506181001673838349,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
379
req-referer
https://www.heraldsun.com.au/
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/09/Ampol-TruckD-CR-TN-1.jpg
content-length
12894
x-request-id
65f7929c8bd26ba6d3cdaa50592b84fe
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified
Wed, 21 Sep 2022 09:18:01 GMT
server
nginx
x-timer
S1663952795.669040,VS0,VE0
etag
"d0307659d5bf378a7d105ca7b7a3d96f"
x-served-by
cache-iad-kcgs7200063-IAD, cache-iad-kcgs7200159-IAD, cache-sna10751-LGB, cache-iad-kiad7000145-IAD, cache-mel11247-MEL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 3
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=ef9bab39d03b50840b8147c7ecb989e7,5b03bde7c7a7e69d3ef620c97c540d6b,25092a55fd45809d451e503200b9fe82,944996d954433f2a0602adc23d756cca,0b9c086e11851e5960e24453dca3a0c3,8a8b5c327417135fb74aed69fd660a75,9279f75a00d800b19f9ebdb7acabe576,b9bc7ce9c8df104a810d5ade785465f6,460476113aed2ae819f9726978af0115,b89bb98b88f42984c07af03932911739,e63c0b6904705e34f4e9711495e80438,a1a889554e17e512278cf938255a717c,a008cf88b5a9812459575c4b88e87cf5,4ca77dda99feb645e51101d48c8bc25a,1b3ffb73765bc4787fd555c0d0fe7cd4,26b7af62da789504a2a2595f9ef4ecd7,a2fbd3dc2ac7cec2d98f5458fa640430,a0ae64789213d1a5c09b5efdd8e2e2f2,38477ae20a7e27402323c982440065f1,219056d2a7bcbf299bd8a0ce0618a7f1,d7fd66f36c3a69be2d72a578865c91cf,20c1f32a7b2b97613878d7df1ffe4d23,ad7aaec48b18377bf1d489f64d7eae7d,1c6cbca4487450c7425fc5f226baa9c1,be671ee6bfd3654f5cbd9b658726773f,3d9744c19d31ee3aaf067561d9a08f40,0be36bace6fef4217c7d698fe1fe0ca8,06fc3778e50bbe79869d3833344fbbd8,c5773ae7c0bf83568891ea573779cb3e,ba5470bfe2369e7c8e7d5c193848cc40,35309cebab4e93a79181b6e123bbe20e,b5928b4ac9b0958399ee45747db0bd89,97e5ed14bfeeeacc06795920b52e1ca0,e261e485443d3f7570ffe7a768142f43,5e586014b5ca02802509173146ae015a,d67afc620c5256c7fcb8cacd39f6ce06,396ea73b3be62f3d08e7eb32bb146b24,753b150f8d32a6e51d117b30009537b3,b5afcc9dd6b939ca89bba38394e11f74,44e10f4ac2e18ed1714e75e8fc134985
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
357f53c086a955bfd3e19e2b846e7cf8615a6d3416b4572a06f31957afda3a47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.20.1
etag
W/"5d2-ilAS/Hp5ZrC9I5U5VVEef+h7zFs"
x-download-options
noopen
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Fri, 23 Sep 2022 17:06:35 GMT
x-talk-trace-id
14bdf2e0-3b62-11ed-9b3f-abbba80f3490
vary
Accept-Encoding
content-length
841
x-xss-protection
1; mode=block
3220
www.geelongadvertiser.com.au/wp-json/api/weather/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-json/api/weather/3220
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c7f13a6d19a7ac0d6e515879002fe3df6121f8f9b49d6d68015b07835765469e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
vary
User-Agent
content-length
1707
x-rq
sin1 0 2 9980
expires
Fri, 23 Sep 2022 17:06:35 GMT
server
nginx
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
716b33145b370fb6543c1027a84f446e
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/716b33145b370fb6543c1027a84f446e?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
20633ffd0839aa4a1f2c78018819714a539e4b7258b121bf554f5b693fcab943

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
716b33145b370fb6543c1027a84f446e
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Thu, 22 Sep 2022 01:44:48 GMT
server
Akamai Image Manager
etag
20a292a254132e5cb0d579f279a1a41a-716b33145b370fb6543c1027a84f446e-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5042244
access-control-allow-headers
x-newsapi-api-key
content-length
6953
expires
Mon, 21 Nov 2022 01:43:58 GMT
b28d3b50aa07c5dfa0c2c4f11130e90e
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b28d3b50aa07c5dfa0c2c4f11130e90e?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
adec382ca36a045ef64cf9635685e4a499976d6bae74bb23a7d1500d74a5499b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
b28d3b50aa07c5dfa0c2c4f11130e90e
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Wed, 21 Sep 2022 23:13:55 GMT
server
Akamai Image Manager
etag
5c7c4d4a6f6c7e1cc65384b8ca351975-b28d3b50aa07c5dfa0c2c4f11130e90e-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5033208
access-control-allow-headers
x-newsapi-api-key
content-length
5208
expires
Sun, 20 Nov 2022 23:13:22 GMT
5a64907f8e29e4900c5856ccdaa9a629
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/5a64907f8e29e4900c5856ccdaa9a629?width=150
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9a3d3a4e615b63d4cdee5ce59bb89aefe44094b57df9f693c8c207139a6d8424

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
5a64907f8e29e4900c5856ccdaa9a629
date
Fri, 23 Sep 2022 17:06:34 GMT
last-modified
Thu, 22 Sep 2022 00:37:03 GMT
server
Akamai Image Manager
etag
6dc9fad7c8dba364c8bed41ce7445c59-5a64907f8e29e4900c5856ccdaa9a629-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5038206
access-control-allow-headers
x-newsapi-api-key
content-length
6420
expires
Mon, 21 Nov 2022 00:36:40 GMT
authorize
login.newscorpaustralia.com/ Frame C481 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=4OspvnspgmBMJamkQ3qR5FUsyivd4tGp&nonce=0KLsx3JMxekzwOfkfnJeGykDBcsJRocw&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.97.250 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-97-250.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
4f01b16679c83ca467b31820055419a587f86eb4518b4b7add197bea61e8b971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
74f4df2b9dbee304-HKG
content-encoding
gzip
content-length
807
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Fri, 23 Sep 2022 17:06:35 GMT
expires
Fri, 23 Sep 2022 17:06:35 GMT
ot-baggage-auth0-request-id
74f4df2b9dbee304
ot-tracer-sampled
true
ot-tracer-spanid
7f354d2b09c2dc5d
ot-tracer-traceid
4f23c63d5b0bbfb9
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-7f354d2b09c2dc5d-00000000000000004f23c63d5b0bbfb9-01
tracestate
auth0-request-id=74f4df2b9dbee304,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 544 0 pmb=mTOE,3
x-auth0-requestid
7a9d8955ccd43c3ca8f8
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1663952796
utag.sync.js
tags.tiqcdn.com/utag/newsltd/gea/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.sync.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8b4124ec14802e257c9c454de76f06cd89cc9cbe0b15e4d4e748dd3375ebd0fa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 03:46:36 GMT
server
AkamaiNetStorage
etag
"eb6bdb017b7346faf6862516b3b97168:1662349596.602486"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1284
expires
Fri, 23 Sep 2022 17:11:35 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/gea/prod/ 		73 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
79faae7cce89185fadfe012d9cd154c8ccda2e5d9c171000ef0284f927e11e10

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 03:46:36 GMT
server
AkamaiNetStorage
etag
"a278764894a855e97e6906fcb907da08:1662349596.054168"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
18657
expires
Fri, 23 Sep 2022 17:11:35 GMT
js-c3po-bundle.js
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		191 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=24
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
78693f617638dd93eb7434a37d1b06bfbc4765dd09b850f5948aaded63db14de
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
45641
x-rq
sin1 0 2 9980
last-modified
Wed, 14 Sep 2022 00:46:05 GMT
server
nginx
etag
W/"6321244d-2fa6a"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 17:06:49 GMT
cache-control
max-age=15
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=24
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
66849d32bc3bc530db5d7111e5c6cba07d63a6c49b288b4e03ad7a1f480337c9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:34 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
3368
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 23:57:16 GMT
server
nginx
etag
W/"632118dc-211b"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 17:06:43 GMT
cache-control
max-age=9
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
mynews-promo.png
www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-157.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
is-https
true
x-opw
4
content-length
373561
x-rq
nrt1 0 2 9980
last-modified
Mon, 19 Sep 2022 04:27:50 GMT
server
nginx
etag
W/"6327efc6-5b713"
vary
User-Agent
content-type
image/png
expires
Wed, 28 Sep 2022 06:42:20 GMT
cache-control
max-age=394545
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-8.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
age
16101
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a84eb604396158af577c875ac569048a.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Fri, 23 Sep 2022 12:38:15 GMT
x-amz-cf-pop
SIN2-C1
x-amz-cf-id
Q4VoUEfAaSc9Ctj__YwJ3YSL9nSEzfXypIxZrDbS7-1vksgzbM37PA==
skeleton.js
static.adsafeprotected.com/ 		17 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2dha8x5YmVUXpLkiUfCys-nHRm3P6Re27YeLE9OuvP_l7wEkOFK-sTs4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
age
19019313
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ILeOEs-YPVNzzpekgnxHuMJwVL9JaUFldECjVF3DDX-adACTcLZ2yw==
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
cache-control
max-age=71386
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16639527955540.5254407796508069
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
839
expires
Fri, 23 Sep 2022 17:06:35 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-91-15.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:53:05 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:51:11 GMT
server
nginx
age
810
etag
W/"62d7517f-1181e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
u-WKtsf6y2N2xFwTWP7DXZ33tDmZDtNtuWdkGoaOLV8qWaF84GHPOA==
expires
Fri, 23 Sep 2022 18:53:05 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		184 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36e299f45673885e6b5d62d38c3b76d863aa2a0b511a2c1327359273380703a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"9eb05ec342e2e8bb70ca106d47373e89:1663130616.359726"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=35979
content-type
application/x-javascript
tad.js
tags.news.com.au/prod/tad/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e70bd440c10e5906797794cb77fa09cede63306250588bce7ed75f466b41884d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"08fe99de660944ffd677aa09c2ad8154:1663643873.920173"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=43885
content-type
application/x-javascript
content-length
33375
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
1edfc18b553353ded6c3c93cb4ecc146d8237545c675ba362501b8cd0533634a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27803
x-xss-protection
0
server
sffe
etag
"1342 / 656 of 1000 / last-modified: 1663931382"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Sep 2022 17:06:35 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 17:05:28 GMT
via
1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront), 1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:32 GMT
server
AmazonS3
age
69
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
SIN2-P2, SIN2-P2
content-encoding
gzip
x-amz-cf-id
66XS0KAejG3vccJx1r-x1e0RFIS7Y7Lg_799F_KjS-0gMAnZlGvpaA==
prebid.js
tags.news.com.au/prod/prebid/ 		362 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
42ffbcd5fae6a0eda00246031330f0c87d21ec4c9451787199c02d49746a3d12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"38085f66de7dcd7c22d408e9044e03b1:1655686301.436641"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=39391
content-type
application/x-javascript
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		126 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-12.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0422c1be425a330e066dc9ac7ba5d76e323e757b3ddc2a95c5319e2ca5090968

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
HE1xTUGQPvbYegvSQqoru0pjiqV0i.E5
content-encoding
gzip
etag
W/"c331a61ccc8287ce655141bd19a0411f"
last-modified
Mon, 19 Sep 2022 04:16:45 GMT
server
AmazonS3
age
2877
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0676a5fe6935c768360b164abce6620e.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
date
Fri, 23 Sep 2022 16:18:39 GMT
x-amz-cf-pop
SIN2-C1
x-amz-cf-id
s2rIUeOCLWADXydi2qWncjhNjMLZBCZq2L-DMOao6QrPdom-12mWcQ==
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=64687
content-type
application/x-javascript
content-length
9840
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
c4TrrHUjoINJ7hKRqr0krNCgBqpVNzrLcNb4c1ND1L/iAbQnjwzleDBdBpPg1Mqkp+S9WsRV+Qy/VAyVEIiatA==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 23 Sep 2022 17:06:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:03:55 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
Age
161
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
SIN52-P1
X-Amz-Cf-Id
1b_Xl1t2pgRtO_YKcxm1UzcOpIssW94LDJ0ODWvTp7SOqafdPctXmw==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-09-23T17%3A06%3A35.571Z&country=au&newsconnectId=&fpid=08894a8a6f66376158817cd1139ca11b
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.16.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-16-11.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6b730edf21a86d294536eabb0a85ae47e9469a13bf44e508902343f3f64121ff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e0048d90172ebbb946617c24a981dbc8a4d585329c16ecd3eeac25d6a0acd58
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
G_uOFaRAX6MbltPrZ4eQxYjXSVaorpvs
content-encoding
gzip
etag
"d3a4ba724c6dc4f78dd9808b516fecba"
age
305433
via
1.1 varnish
x-cache
HIT
vary
Accept-Encoding
content-length
520
x-amz-id-2
T3GZEFkLDo9N8/3VTBJpi188JWOEJYpe5g6gfVvQPE58ZvWEOCBaByhiwn48eOXBGoly88KOHUw=
x-served-by
cache-mel11273-MEL
last-modified
Tue, 20 Sep 2022 04:16:03 GMT
server
AmazonS3
x-timer
S1663952796.828357,VS0,VE0
date
Fri, 23 Sep 2022 17:06:35 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
73HQHDHHEYFP1R1P
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
253559
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 17:06:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
age
416
etag
W/"68154020ef14b5881614607902c7c21b"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
74f4df2f4f62df99-MEL
x-amz-request-id
AGVQ42H585Y6XTD5
x-amz-id-2
r9hllPMLzNEYnU3swJXcEwKssC39JhI8AZXWHVVaG+7VxlSjWm0FNcWZNPXHsNiMlMq1IA2cRX0=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.78.217.66 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-66.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
content-encoding
br
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
strict-transport-security
max-age=86400 ; includeSubDomains
accept-ranges
bytes
content-length
20617
expires
Fri, 23 Sep 2022 18:06:36 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8ab9b143c1a9f51f38c62db005fb4b49572e4d796f0e74e6b3b56ee41036f954

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"09c229fdb7af1d8ac7248f68a4e2145d:1657170208.878739"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=20248
content-type
application/x-javascript
content-length
2231
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
21f20f84cde9b9bb5d03446360d1909696d9e346bd970e8306a3d0565a82fc82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f195a817810e0c6b1880a6e2edc2d073:1660712926.791363"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=75546
content-type
application/x-javascript
content-length
7136
geelongadvertiser.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/geelongadvertiser.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02db6085d2b384c5a8c4162969f767c00291344634e081fd124b0b48822818a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 16:40:45 GMT
server
cloudflare
age
1551
cf-polished
origSize=5864
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7AWkLiI8DatDzOfmzPZqLsOrLuCaZppqwlsNUD7OWgib3zQj7CGzreKf8Ll3QDEYpNAUPgljhoF1pSkGe1vK%2FDNk%2ByAtqGMZMYjQHLIx9NDAtcbL6VAv9f3IGc01ekViZS9MXiQ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f4df310a5f5a61-MEL
cf-bgj
minify
utag.668.js
tags.tiqcdn.com/utag/newsltd/gea/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.668.js?utv=ut4.46.201910010244
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f6b0db93e80409a03e7ad626a8fc83e337afa51ecd565543f6c09231d7d9538e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 04:43:32 GMT
server
AkamaiNetStorage
etag
"a239b75a228957b214063839476fe6b3:1631767412.219532"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
900
expires
Sat, 08 Oct 2022 17:06:35 GMT
bulk
trc.taboola.com/newscorpau-aud-geelongadvertiser/log/3/ 		0
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-geelongadvertiser/log/3/bulk?route=HK%3ASG%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
98
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1663952796.708867,VS0,VE98
x-served-by
cache-mel11247-MEL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.geelongadvertiser.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.97.250 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-97-250.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/csp-report

Response headers
2970e277
login.newscorpaustralia.com/akam/13/ Frame C481 		0
0
1McDhLIVMB
login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/ Frame C481 		0
0
indies-loader.js
ts2020-indies-client.web.app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2b47f6850e47a047f2dce76569a61df775d7504fe64716ec66af316ab80e489
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 08 Sep 2022 01:41:49 GMT
x-timer
S1663952796.323227,VS0,VE0
etag
"dda6d8f74d0e858612ec503761d52ecaea214cb075d9052ffc7fb232c4add592-br"
x-served-by
cache-mel11220-MEL
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Fri, 23 Sep 2022 17:06:36 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2355
x-cache-hits
316837
extended-access.js
subscriptions.geelongadvertiser.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.geelongadvertiser.com.au/google-loader/extended-access.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.97.250 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-97-250.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6586fcb06dd096b64abb602bc66800564691569011681db3f8b0cc59083be81d
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 05:33:06 GMT
x-amz-cf-pop
NRT20-C2
etag
"6b6402adbcd2faa698b56a9b0e92a7c8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1
strict-transport-security
max-age=600
accept-ranges
bytes
content-length
66273
x-amz-cf-id
0CWkFC8ogHhrY_h16FGgNOzu4dgyR7OPVf6ZZe4E1C7lHf0plXbedQ==
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
26807
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
fPWXzgX4fa0p5Qftf89BXbnhAcw3OLa3UkWHAWtZ8jjxrKIT5q6/DtyjTnt7TmOBqhTbObhKjBE=
x-served-by
cache-mel11247-MEL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1663952796.843434,VS0,VE0
date
Fri, 23 Sep 2022 17:06:35 GMT
x-amz-request-id
9VJ0B972ZW7702WT
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
72
x-cache-hits
1363
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-160.pacnet.net
Software
AmazonS3 /
Resource Hash
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 08:55:48 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P1
etag
W/"095a7b562e641bfc203fc3ef9697c6bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
21384
x-amz-cf-id
Mg-PJrPZYvUFlAGyPVC9EWlvXHDkYYQUS1sjVFkZHnJNCU2RdwDlbg==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/gea/202209050346&cb=1663952795804
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:35 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 23 Sep 2022 17:16:35 GMT
P9639CC51-2F11-48E8-B888-393496680A12.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/P9639CC51-2F11-48E8-B888-393496680A12.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-39.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c261147bf4256326fe74979596ca8fb13dae170d9b7586b1edbf7f0bb2fe9cf6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
osiFhC4BsEukeAQaNcBwSQJMz_8TzyAj
content-encoding
gzip
etag
W/"b76e8b8476a48119b813a1c358420395"
last-modified
Fri, 23 Sep 2022 11:17:50 GMT
server
AmazonS3
age
91
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d349739893df3b59b8ea4953ff21a5e8.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Fri, 23 Sep 2022 17:06:28 GMT
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
qQd_1rAbmuAcKjDAqV1K0DIX12uNNpbxl5onOnRoM2Edyq81iWHWtg==
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=489afafc6f9fc3af8d3075f102e0d238&timewithTz=2022-09-23T17:06:35.571Z&country=au&newsconnectId=&fpid=08894a8a6f66376158817cd1139ca11b
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.16.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-16-11.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=geelongadvertiser.com.au&p=%2F&u=BCwM50ukdcCBXmWUj&d=geelongadvertiser.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12920&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=8125&t=D9zuhEBwa8QUBg140YxOJCF8hxNJ&V=136&i=Geelong%20Advertiser%20%7C%20Latest%20Geelong%20%26%20Region%20News%20%7C%20Geelong%20Advertiser&tz=0&_acct=anon&sn=1&sv=CBD_4bDyr62zDEd0I8D1bL9-Bk0wMG&sd=1&im=062b0733&_
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.174.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-174-233.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:36 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663952796171
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663952796171
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663952796171
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
febaeef766f89b12b6bb183eda9765ec606541d7745d34d7a14d2ee6a07c3188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v038-0ab0c1be6.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
OSmamYrmSQ0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1565
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-apse-2-v038-033eed0b4.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
X-TID
tet9ZdCsQRY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663952796171
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:55:33 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
51064
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 ac187c6f8a07d8e2befb08fa6809bc08.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
SIN2-C1
X-Amz-Cf-Id
SKNs1WWA3ghFVR1Jdn_nFOJG8VXNhPIRl3auhNrN_3SNfcYpKWymCA==
316290525736583
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/316290525736583?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
c853664140e6ba15f2e1e5800cf192893a81e742044e27df50fa3d5c4d357cd2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85851
x-xss-protection
0
pragma
public
x-fb-debug
nqhjj+pYEycajttaxh7FTedc33RGjdOwXkrWUm731KJep0uFRXuPeV028hnNscz7NCnWiDcfMKOexGZZR5E7YQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 23 Sep 2022 17:06:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:36 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
content-type
text/plain
access-control-allow-origin
https://www.geelongadvertiser.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Fri, 23 Sep 2022 17:06:36 GMT
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 11:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194533
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 21 Sep 2023 11:04:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		115 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.geelongadvertiser.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
20f49f0db7532ac0db43a8e565d818845e15162ff2d73d0ef03b6d787dfb4430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97
x-xss-protection
0
expires
Fri, 23 Sep 2022 17:06:36 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.geelongadvertiser.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:05:28 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
server
Server
age
68
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.geelongadvertiser.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
5BZxo_-5Ba12XfaZtCDDcLlXsucppjuauX-ibPyZ1Ad06sNCNPKngw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
19249
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
date
Fri, 23 Sep 2022 11:45:48 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3c5649f7d49e8f5b916e18a72b919074.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
8btiab5o2bo9uri6TVGcH4yqZdtpNzwZgvWdK9Gj8jvUa7hUvPxHtw==
campaigns
resourcesssl.newscdn.com.au/indies/ 		46 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22geelongadvertiser.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
5ba313b7fa9dd06ba89db2a1f6c6642375203f081bf64563d8571e0ef07a0739
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"2e-plev5r3ULIxi7VsUGbEefPcqbKs"
x-powered-by
Express
date
Fri, 23 Sep 2022 17:06:36 GMT
x-cache-hits
0
content-length
66
x-served-by
cache-hkg17935-HKG
server
Google Frontend
x-timer
S1663952730.885109,VS0,VE314
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
cd8abc51143ff714c32061cc1704393d
cache-control
private, max-age=1734
function-execution-id
8hjr8lf3bxmb
accept-ranges
bytes
x-orig-accept-language
en-AU,en;q=0.9
x-country-code
HK
expires
Fri, 23 Sep 2022 17:35:30 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22geelongadvertiser.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.71.49.6 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-6.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.geelongadvertiser.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1800
content-type
text/html
date
Fri, 23 Sep 2022 17:06:36 GMT
expires
Fri, 23 Sep 2022 17:36:36 GMT
function-execution-id
8hjrb3p1hx1s
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
c4ef4816ea1571c39cb172ad8ba90a26
x-country-code
HK
x-i
true
x-powered-by
Express
x-served-by
cache-hkg17926-HKG
x-timer
S1663952796.476844,VS0,VE215
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=0a32300b-926c-4527-972e-7a0727bd0c6b&toploc=www.geelongadvertiser.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/geelongadvertiser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a547c4128d0639e5707d680eeee4cf5ff5cdfed9893dbed7c8ee69fb02ebdff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 16:40:46 GMT
server
cloudflare
age
1550
cf-polished
origSize=44104
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YU7u743DVplPl33Kk%2BwX%2BMYTZW4%2BDS9jcPblMXv3RBBsxl4FTGTOezAz6MVuK7g6dy2nKvnmvPKlPtTVnnsjQ%2F%2FKoELkQN3Fb35WcKKSARwmEJ4VKAMe5fsx9heJypGUKvc4vQu4"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f4df31bb065a61-MEL
cf-bgj
minify
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220923
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7538
x-jsd-version
1.0.1472
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19156-FRA, cache-yyz4566-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-5kcFU4ELpJ/3TUqY2DoFFkrnMcY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbKh95I3qt8XTmF2NsAaajYTf62PynJoRKr0KRoCHVtwWI4OCCahFdICfIMYWndKV885%2FgYA4s9THm7Rn286KgP4dGYy8s9KkQt%2Fx7nDONZN8PgeROQS2pUf8LzuMH9wMuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74f4df334a1b5a91-MEL
door.js
au-script.dotmetrics.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13074
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
baae97b99d616b21dccac39f872a4c35501f6ead947cd40cab95a435b378769c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"13074...214.2022092317"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 d454a4131cad7323027c4a71e9d4c5d0.cloudfront.net (CloudFront)
cache-control
private
content-type
application/javascript
x-amz-cf-id
MRSd7pomaJ6L9mQrgRcgc8Kn51ts-bpurhcKcEqem03OVgwgXHpmtQ==
c.js
collector.brandmetrics.com/ 		0
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=0a32300b-926c-4527-972e-7a0727bd0c6b&toploc=www.geelongadvertiser.com.au&rnd=8595656
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=0a32300b-926c-4527-972e-7a0727bd0c6b&toploc=www.geelongadvertiser.com.au
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
content-length
0
content-type
text/javascript;charset=utf-8
v2xlo7Q1oQ6Se5eE3RBASldlvS51MVDuyB0CzsY4aydSQlcXt0buIl4p3i8TfN6JD-oJJV7PiVA
bedsberry.com/ 		187 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xlo7Q1oQ6Se5eE3RBASldlvS51MVDuyB0CzsY4aydSQlcXt0buIl4p3i8TfN6JD-oJJV7PiVA
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2dha8x5YmVUXpLkiUfCys-nHRm3P6Re27YeLE9OuvP_l7wEkOFK-sTs4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.46.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
16.46.160.34.bc.googleusercontent.com
Software
/
Resource Hash
f05c06822b1006eb518f3f04bd36481e3e84c7b41b2c61f33d3e832eaf10f4d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
x-datacenter
gce-asia-east1
date
Fri, 23 Sep 2022 17:06:36 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.geelongadvertiser.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-asia-east1-spot-89bf
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 23 Sep 2022 17:06:35 GMT
swg.js
news.google.com/swg/js/v1/ 		147 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f139.1e100.net
Software
sffe /
Resource Hash
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46294
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 20:41:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:25:36 GMT
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 42B4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EQJ7DM-G-CRK2
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EQJ7DM-G-CRK2
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Fri, 23 Sep 2022 17:06:37 GMT
via
1.1 varnish
server
nginx
x-timer
S1663952797.338617,VS0,VE94
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-mel11247-MEL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EQJ7DM-G-CRK2
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 42B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPHBDazrA_P7d5V4C4l3UHw&google_cver=1
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPHBDazrA_P7d5V4C4l3UHw&google_cver=1
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
95
date
Fri, 23 Sep 2022 17:06:37 GMT
via
1.1 varnish
server
nginx
x-timer
S1663952798.705623,VS0,VE95
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mel11247-MEL

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPHBDazrA_P7d5V4C4l3UHw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 42B4 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a:$UID
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 42B4
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
date
Fri, 23 Sep 2022 17:06:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
167642
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 42B4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
97
date
Fri, 23 Sep 2022 17:06:37 GMT
via
1.1 varnish
server
nginx
x-timer
S1663952797.322337,VS0,VE97
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mel11247-MEL

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 42B4
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:37 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 42B4 		49 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-AU
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-6db8fcb759-qvqps
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 42B4 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:37 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 42B4 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.123.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-123-47.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:38 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 42B4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=574e972a-fd35-40e1-86c6-9caee590171f
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=574e972a-fd35-40e1-86c6-9caee590171f
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
167649

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:37 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=574e972a-fd35-40e1-86c6-9caee590171f
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
830045
content-length
0
expires
Fri, 23 Sep 2022 00:00:00 GMT
input
cookie-matching.mediarithmics.com/ Frame 42B4
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=5813278693740145724&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOns7eNUVZjl5uUhH8DU6iy_eEN58NMVgngnvi4Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=8fee632d-e79f-4400-a24d-1d97c0326103&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&ttl=%%TTL%%
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/3/5.gif?puid=3185137231455762506&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/2/6.gif?puid=ded0e195-bc6b-49de-ace2-e5a7fe71ddeb&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/1/7.gif?puid=24E804CDC5B52AF&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
0
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 42B4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=57b2e5f1-50ce-4a68-a0bb-c946b788739a
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=DN4p-HfXJaWJ-Wg&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6b38cf62-f3ea-4952-8c0a-9f3fa1097def
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6b38cf62-f3ea-4952-8c0a-9f3fa1097def
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
171303

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6b38cf62-f3ea-4952-8c0a-9f3fa1097def
Date
Fri, 23 Sep 2022 17:06:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 42B4
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7a4f73a9-7269-462d-abc4-cea1c0ede64b
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7a4f73a9-7269-462d-abc4-cea1c0ede64b&tbid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&query=taboola_hm%3D7a4f73a9-7269-...
0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7a4f73a9-7269-462d-abc4-cea1c0ede64b&tbid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&query=taboola_hm%3D7a4f73a9-7269-462d-abc4-cea1c0ede64b&isDirect=0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1663952800.607956,VS0,VE149
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mel11247-MEL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=7a4f73a9-7269-462d-abc4-cea1c0ede64b&tbid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&query=taboola_hm%3D7a4f73a9-7269-462d-abc4-cea1c0ede64b&isDirect=0
date
Fri, 23 Sep 2022 17:06:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
171857
sd
u.openx.net/w/1.0/ Frame 42B4
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 17:06:37 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
xuid
eb2.3lift.com/ Frame 42B4
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 23 Sep 2022 17:06:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 42B4 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.95.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-95-9.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:38 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame 42B4 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:39 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 42B4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=xndX1fFvRuFkqKQs3niHs2fR_nE
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=xndX1fFvRuFkqKQs3niHs2fR_nE
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:39 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
172465

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=xndX1fFvRuFkqKQs3niHs2fR_nE
Date
Fri, 23 Sep 2022 17:06:39 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/ Frame 42B4 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=453&user_id=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:06:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
t.adx.opera.com/ Frame 42B4 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 42B4
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a54b6a43-1d7e-4f75-ba89-c5e8471b2832
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a54b6a43-1d7e-4f75-ba89-c5e8471b2832
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
173121

Redirect headers

date
Fri, 23 Sep 2022 17:06:38 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=a54b6a43-1d7e-4f75-ba89-c5e8471b2832
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
NrP0zRqJgdqCAFOGjLJOgaX1BFZQx8TJ
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
251
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
jVRaPBrlJINKGRlE+TEZITMhVnn0x1YdhtVr0GY67doy48gXtgSPDYZtb5ckgwFuMWO1hbQiHXg=
x-served-by
cache-mel11247-MEL
last-modified
Thu, 15 Sep 2022 14:11:45 GMT
server
AmazonS3
x-timer
S1663952797.658016,VS0,VE0
date
Fri, 23 Sep 2022 17:06:36 GMT
vary
Accept-Encoding
x-amz-request-id
1587YHA6ZSH67WTZ
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
72
x-cache-hits
97
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.210.135.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.geelongadvertiser.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Sep 2022 17:06:37 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.210.135.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 17:06:37 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame E291 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
2748
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 23 Sep 2022 16:20:50 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 4efbd5b290462fbd5ee9b1de5f123e2a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
XohYDgayKnEl41bgofvgJ9gbNOhvnNEUEK2fPGcmDrHDLSX4fQtNVg==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/ 		108 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=08894a8a6f66376158817cd1139ca11b&&bust=16639527966600.06086908315796191&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-108.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
c66c1e800bb02079a3968537d100001b1db78ae8c35f163d1798f381711c27d8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.geelongadvertiser.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
yFjdkXcTRegA2do_NRv73r5lI3IydbiiD3VUnefSVfHoxWedxUFT3Q==
/
pips.taboola.com/ 		4 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:36 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mel11262-MEL
access-control-allow-methods
GET
access-control-allow-origin
https://www.geelongadvertiser.com.au
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P9639CC51-2F11-48E8-B888-393496680A12.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-39.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding
gzip
etag
W/"81a9e2a298d0019660cb2966f0c24748"
age
2323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
date
Fri, 23 Sep 2022 16:27:54 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 d349739893df3b59b8ea4953ff21a5e8.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
v0UR8Hyjr_Op3GbL7N1Slbf1Tk9I-G6Y99Lq8DMILt-i4ocjoio1bg==
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=316290525736583&ev=PageView&dl=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&rl=&if=false&ts=1663952796964&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.2.1663952796963.1083599138&it=1663952796271&coo=false&rqm=GET
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 23 Sep 2022 17:06:38 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 17:06:37 GMT
cache-control
no-store
server
nginx
dest5.html
newscorpau.demdex.net/ Frame F78E 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.162.157 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-162-157.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-apse-2-v038-0ab0c1be6.edge-apse.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
TEdf6T9CRlI=
content-encoding
gzip
date
Fri, 23 Sep 2022 17:06:37 GMT
last-modified
Mon, 19 Sep 2022 09:55:43 GMT
transfer-encoding
chunked
vary
accept-encoding
id
metrics.geelongadvertiser.com.au/ 		48 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.geelongadvertiser.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=08293981904171223601091668987827584391&ts=1663952797032
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
6612a06782db45df240dcc4c886a1481b5d0c31d7b7a88139e7fc27b046536c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.geelongadvertiser.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Yy3nnwAAAJwOyQN8
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=08314947031694881621094073913528724637
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nnwAAAJwOyQN8
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nnwAAAJwOyQN8
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v038-033eed0b4.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tSIyBtwJTww=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nnwAAAJwOyQN8
Date
Fri, 23 Sep 2022 17:06:39 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13074&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&dom=www.geelongadvertiser.com.au&r=1663952797073&pvs=1&pvid=4cccf357-d803-4124-8da1-84c87ebdcb0f&c=true&tzOffset=0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
dotmetrics-hit-status
01 OK
server
Kestrel
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 d454a4131cad7323027c4a71e9d4c5d0.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
image/gif
x-amz-cf-id
-MTKhIJQ3C0RZbMn7M6OwFQv8tNXSM2dlso4quCOxokTakvkLcfM6Q==
701.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
6733a09bfc852d2a605aa398af37c3b0df6858af45cb4162cbb5f80d15b03a03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 17:06:38 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.geelongadvertiser.com.au
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
pub
pixel.adsafeprotected.com/services/ 		683 B
926 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.gea/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.gea/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.gea/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.gea/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.gea/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.gea/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=36e84921-472c-bf2c-1667-86780cb16004&url=https%253A%252F%252Fwww.geelongadvertiser.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.47.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
83fa53cae084d495d0fca6f09565fb3a9fe370ecffb32fc800bbfea41d4ad9c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
x-server-name
app03.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.geelongadvertiser.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&pid=Pi7oMArmzgMBc&cb=0&ws=1600x1200&v=22.9.81452&t=4000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x50%22%2C%221000x100%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-30-231.sin2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
via
1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.geelongadvertiser.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
bCD5Wkcu5gLpXp9lPK8OTU0zjUod4At1nCC8os4tURKPtdthVCkPzg==
envelope
api.rlcdn.com/api/identity/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.geelongadvertiser.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
script.js
au-script.dotmetrics.net/Scripts/ 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=214
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
b07f5a1999429f79826a2454193403d52131db0eab4dfbd79a38b8d980808ed3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
content-encoding
br
last-modified
Mon, 05 Sep 2022 12:02:11 GMT
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"1d8c11f544f5886"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 d454a4131cad7323027c4a71e9d4c5d0.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
j9sKIuHVNVMiO6BL0-7hOKQbem0Dv4VLPhJQGIaaSqSFnCtR0_guQA==
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-160.pacnet.net
Software
AmazonS3 /
Resource Hash
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
W_yTpbzpqY89CZHjDkmLnffsRbstOxY.
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 05:38:14 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P4
etag
"189bff3ecbc5fc21ff53bd3b46f8ee8b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=80
date
Fri, 23 Sep 2022 17:06:37 GMT
accept-ranges
bytes
content-length
1284
x-amz-cf-id
17OsOtIjsmEXrPJkCcxBX8o6mHpHJQqkCcdA_43J0MjKs99GynPC8Q==
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 55ED 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-39.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2333
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 23 Sep 2022 16:27:45 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 d349739893df3b59b8ea4953ff21a5e8.cloudfront.net (CloudFront)
x-amz-cf-id
Vh7ESsTIQafEfqbep9_gmuDVu_-HEoCl3gZ1XfZewcC-2J2n1xB6Ww==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache
Hit from cloudfront
translator
hbopenbid.pubmatic.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.geelongadvertiser.com.au
date
Fri, 23 Sep 2022 17:06:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
mfad.inskinad.com/api/ 		160 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.19.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-19-19.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
6b674af5c6e7fd6fcd8240a61985a008cfbcf76583c12e7eaba284c19e398f6c

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:38 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"a0-YT6rlkgBulGKZlq4Sk083Wgz02k"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.geelongadvertiser.com.au
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
160
x-served-by
bifrost-production-shard001-us-east-1e-i-08b76f28baec36384
fastlane.json
fastlane.rubiconproject.com/a/api/ 		407 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1951896&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.gea&tg_i.pbadslot=%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=bd280c0b-4d72-41da-b412-9d3fdff3b240&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-1&slots=1&rand=0.1039265603391033
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b53a66a4c63c56cd1a904150bbf839b2dd1aaed2a87328e8012fd659069b3bda

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:37 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
407
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		406 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1951896&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.gea&tg_i.pbadslot=%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=4527e9a2-d5d9-4a0c-8e66-2a467ec6da57&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-1&slots=1&rand=0.6541317139333134
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cfca1ce85977c17c1aa43f783eae74c9827df2b6022d05ff4e60e7e3b262f738

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:37 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
406
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		384 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1951898&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.gea&tg_i.pbadslot=%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=1aaf158a-a263-4e24-8e8f-177c06dcfa75&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-2&slots=1&rand=0.34127878150609336
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a48f24aa8f29856cbb1616ed9e497074a4306c8f1d1ed47e7253a4a5472aa85b

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:37 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
384
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		386 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1951898&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.gea&tg_i.pbadslot=%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=efff5a1b-df56-4379-b38b-33c6cac20e92&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-2&slots=1&rand=0.2672178392590303
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8b056daff2818b889c6c93476f43a994c87f5f0059892160a71c62ae9eea884f

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:37 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
386
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		496 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d2946abf27eaca5e23cda23efdf26b2dd3f77da56a6cac5c032a98bff1638d97
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:38 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
73193c18-67a1-4dac-83d2-66c08157e04d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
496
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.playground.xyz/host-config/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.geelongadvertiser.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
5d7b14a4-fc80-4c24-94fc-45b63825778b
trinity.json
syd-1-apex.go.sonobi.com/ 		0
0
cdb
bidder.criteo.com/ 		18 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=68844671687
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.geelongadvertiser.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
cygnus
htlb.casalemedia.com/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277558&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2230a2152edd24862%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.geelongadvertiser.com.au%2F%3Fpagetype%3Dhomepage%26sec1%3Dhome%26sec2%3D%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22314eb015278b31c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277558%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277558%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277558%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%22346293059fda79e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279835%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279835%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%22360cd1b788785eb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320672%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-2%22%7D%7D%2C%7B%22id%22%3A%22373aa08f381f25e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320669%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c48f363103247eb8bf1a1b57c4bcff0944ee24dbd9a32c77ff304f0f64af9c

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1qo3vsOHw8PsxJwh1J5TVdCVKfCPJdQ7NRcjzv6GCXXNbUKxX0tHVJvk771J4zk5ucgURLYYx3jL%2FXcYiFTPKL0noerxh2VCFeLPkOnimyKzDo20izG3rqoV4ky08sw2acLeUn1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.geelongadvertiser.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74f4df383d40fea1-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f139.1e100.net
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:22:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:12:12 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f139.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:44:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:34:15 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 6417
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f139.1e100.net
Software
ESF /
Resource Hash
ea825ec9d63d5602e5550f9622c03404df6a1c16d68ec821d49755552b2b90eb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-gy3mSNI01mVZiW4Rw1pCcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-gy3mSNI01mVZiW4Rw1pCcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Fri, 23 Sep 2022 17:06:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-QX_uOWG7iUSLUfqYAb-0ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Fri, 23 Sep 2022 17:06:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/geelongadvertiser.com.au/ 		2 B
529 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/geelongadvertiser.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f139.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.geelongadvertiser.com.au
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
validate
assets.vidora.com/v1/ 		0
297 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=geelongadvertiser.CA5411A8D846BCF3996B6A31FEF2CCF9
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-8.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 17:06:37 GMT
via
1.1 a84eb604396158af577c875ac569048a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
8a26fhi0rEBzngIci-OQbvU2jr2pN9QFde2BS_og-J_R1Txi0vCefg==
expires
Fri, 23 Sep 2022 17:06:36 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 55ED 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P9639CC51-2F11-48E8-B888-393496680A12&sessionId=hazhjjquarexmaygh8zt7mw3dmpam1663952797&c16=sdkv,bj.6.0.0&uoo=&fp_id=mqmi9gi83q4ukwnsj9xtwhngu2bvs1663952797&fp_cr_tm=1663952797205&fp_acc_tm=1663952797205&fp_emm_tm=1663952797205&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.71.162 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-71-162.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:37 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
hazhjjquarexmaygh8zt7mw3dmpam1663952797.nuid.imrworldwide.com/ Frame 55ED 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hazhjjquarexmaygh8zt7mw3dmpam1663952797.nuid.imrworldwide.com/
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-93.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 22:17:16 GMT
via
1.1 a4e03b25c402f8e111eba098232bf16e.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
67762
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
35
x-amz-cf-id
nGwcGG1ZUgHWr6i8pK1v0vUz2OF32He-Tk2tqB8WqU4CtCO5xKaLOw==
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.210.135.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 17:06:37 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.210.135.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.geelongadvertiser.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Sep 2022 17:06:37 GMT
Server
nginx
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
438d50b298a91528388dbfd044a8eb83a456eb3a3e03ad01e96ce94522724e1f

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.geelongadvertiser.com.au
date
Fri, 23 Sep 2022 17:06:38 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		0
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=316290525736583&ev=Microdata&dl=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&rl=&if=false&ts=1663952797468&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Geelong%20Advertiser%20%7C%20Latest%20Geelong%20%26%20Region%20News%20%7C%20Geelong%20Advertiser%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Geelong%20Advertiser%22%2C%22%40id%22%3A%22geelongadvertiser.com.au%22%7D%2C%22isAccessibleForFree%22%3A%22True%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22Geelong%20Advertiser%22%2C%22productID%22%3A%22geelongadvertiser.com.au%3Adigital%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.2.1663952796963.1083599138&it=1663952796271&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 23 Sep 2022 17:06:38 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=08293981904171223601091668987827584391&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%0108894a8a6f66376158817cd1139ca11b%011&ts=1663952797550
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
9de5350e38c51549d56c0d4ad6fb5a9abc41e66cfef4e7a1de2649c410b637a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-apse-1-v038-0113f1027.edge-apse.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
QPYqF/DEQ0k=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1567
Expires
Thu, 01 Jan 1970 00:00:00 UTC
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNzQsImZsIjp0cnVlLCJkb20iOiJ3d3cuZ2VlbG9uZ2FkdmVydGlzZXIuY29tLmF1IiwibHNvIjpudWxsLCJ1cmwiOiJodHRwczovL3d3dy5nZWVsb25nYWR2ZXJ0aXNlci5jb20uYXUvIiwicnVybCI6IiIsInB2aWQiOiI0Y2NjZjM1Ny1kODAzLTQxMjQtOGRhMS04NGM4N2ViZGNiMGYiLCJ0ek9mZnNldCI6MCwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D&r=1663952797696
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
de0b0b8be6e7dee9d500f910d0b9d8635c49c7e92f14024b19ba0d872ff8f5aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:38 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
SIN2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 d454a4131cad7323027c4a71e9d4c5d0.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
application/javascript
x-amz-cf-id
QuEGx6JfbD8gUNsdVDXF6oUWK3Mu8mYJ0nmzS1fbozcTvO0jSnm5DA==
s92612921393007
metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/s92612921393007?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=23%2F8%2F2022%2017%3A6%3A37%205%200&cid.&newsnkidcookie.&id=08894a8a6f66376158817cd1139ca11b&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=08894a8a6f66376158817cd1139ca11b&mid=08293981904171223601091668987827584391&aamlh=3&ce=UTF-8&ns=newscorpau&cdp=3&pageName=ga%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&c.&getNewRepeat=3.0&getPreviousValue=3.0&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D82&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cgeelong%20advertiser%7Cgeelong%20advertiser%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=geelong%20advertiser&c3=D%3Dv3&v3=geelong%20advertiser%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=3%3A06%20AM%7CSaturday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=82&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cvic%7Cmelbourne%7C-37.82%7C144.97%7Cgmt%2B10%7Cunknown&v79=au&v80=08894a8a6f66376158817cd1139ca11b-00000000000000000000000000000000-1663952795758-111318&v110=2022-09-23%2017%3A06%3A29&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
e0e2c7b79aa5da0074ddc394f56c49b18b60ef3728e0bb53ac20724d6cfa23f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-aam-tid
xeB5Tv0tSnU=
date
Fri, 23 Sep 2022 17:06:37 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
vary
*
content-length
4977
x-xss-protection
1; mode=block
dcs
dcs-prod-apse-2-v038-0ab0c1be6.edge-apse.demdex.com 6 ms
pragma
no-cache
last-modified
Sat, 24 Sep 2022 17:06:37 GMT
server
jag
etag
3573311423578275840-4619897910414753571
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 22 Sep 2022 17:06:37 GMT
ibs:dpid=358&dpuuid=5813278693740145724
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=5813278693740145724
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5813278693740145724
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v038-0563f3fe0.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
SLpqsj63QWM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:38 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8813572a-79c5-4de3-a23b-a3c935b85b28
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5813278693740145724
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=470&dpuuid=3810868978671773715
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://d3273622690172371738-t3810868978671773715.id.amgdgt.com/r/telco/tuid/3810868978671773715/duid/3273622690172371738/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D381086897867...
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3810868978671773715
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3810868978671773715
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v038-0dae3cf57.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rTrqVtpxS7w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3810868978671773715
Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:39 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Content-Length
0
Strict-Transport-Security
max-age=15768000
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=481&dpuuid=L8EQJ7Q9-9-GKD9
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=08314947031694881621094073913528724637&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8EQJ7Q9-9-GKD9?gdpr=0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8EQJ7Q9-9-GKD9?gdpr=0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v038-04becb7e4.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
oVU+HGi3RAc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8EQJ7Q9-9-GKD9?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Serving
bs.serving-sys.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=8081686943535452817&pageurl=$$https%3A%2F%2Fwww.geelongadvertiser.com.au%2F$$&activityValues=$$Session%3D4887116166405335636$$&ns=0&rnd=03600107221187754&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.135.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-135-242.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d30324efb3494df045b69bd0a84e19d433352853c05d5ee68274b6161359943

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
1872
expires
Sun, 05-Jun-2005 22:00:00 GMT
ibs:dpid=771&dpuuid=CAESECytxVtIoE7-xYjx82fkiKA&google_cver=1
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDgzMTQ5NDcwMzE2OTQ4ODE2MjEwOTQwNzM5MTM1Mjg3MjQ2Mzc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECytxVtIoE7-xYjx82fkiKA&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECytxVtIoE7-xYjx82fkiKA&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v038-08d2cbcb2.edge-apse.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
yqaDVTBQTzo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECytxVtIoE7-xYjx82fkiKA&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 6417 		0
25 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-ysuj_uO-h24eqv43Y-Dsyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
date
Fri, 23 Sep 2022 17:06:38 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-ysuj_uO-h24eqv43Y-Dsyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 6417 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f139.1e100.net
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:22:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:12:12 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTj... Frame 6417 		170 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6afx_BoIQe3zX-a5Gz89gg1xKgNw/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
ee7405f645b76af37fc0638e77f6b0482019ea6924b8c45751f122ff3ed75d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74852
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61205
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:50:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 20:19:06 GMT
ibs:dpid=903&dpuuid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v038-0563f3fe0.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
auMAVUZdRh0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame F78E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6417 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 13:24:20 GMT
x-content-type-options
nosniff
age
99738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 13:24:20 GMT
ibs:dpid=23728&dpuuid=Yy3nnpaHoO2gg-757ik6gQAA%264781
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nnpaHoO2gg-757ik6gQAA%264781
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nnpaHoO2gg-757ik6gQAA%264781
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v038-05e43c533.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7PKMlsyvRVM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeXXHNExpTYY5nDL2JviM8L7kvxbGUsvHv%2FExHLOGyq8RxYsPYgwqj04KNhEAgL%2BVozO%2FRTdhpY5JGJeuVqSf5jqxfNH62vP3iH%2BkCHsiZDmx3u%2BeZt6ZcfgYStHSY6lQQNLsGli"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nnpaHoO2gg-757ik6gQAA%264781
cache-control
no-cache
cf-ray
74f4df4249f1fe91-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ibs:dpid=30432&dpuuid=CI-63dcd6437372c42b9989493928994843
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=08314947031694881621094073913528724637&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-63dcd6437372c42b9989493928994843
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-63dcd6437372c42b9989493928994843
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v038-046b1385a.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fNWvETGwTZg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-63dcd6437372c42b9989493928994843
Date
Fri, 23 Sep 2022 17:06:39 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=08314947031694881621094073913528724637&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=08314947031694881621094073913528724637&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v038-0037eba19.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
HHr2UuiGTJI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Fri, 23 Sep 2022 17:06:39 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
701.json
id5-sync.com/g/v2/ 		451 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
cb657bd1961fa2b4572404d665499f7a3fe903c9ef2b60c3b1c11fa0cac094f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 17:06:38 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.geelongadvertiser.com.au
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
usermatch.gif
beacon.krxd.net/ Frame F78E
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=08314947031694881621094073913528724637
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08314947031694881621094073913528724637
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08314947031694881621094073913528724637
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
34.210.246.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-246-46.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:40 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1663952800
x-served-by
beacon-n015-pdx-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08314947031694881621094073913528724637
date
Fri, 23 Sep 2022 17:06:39 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a013-ash-prod.krxd.net
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=08314947031694881621094073913528724637&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v038-0450ba318.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
hFNgKIUsR6A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Fri, 23 Sep 2022 17:06:39 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame F78E 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663952799.137489,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mel11223-MEL
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L... Frame 6417 		133 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L.B1.O/am=ZAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4EDhYh-tN9DqaNmgfXpyBU9VUs8w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6afx_BoIQe3zX-a5Gz89gg1xKgNw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
7ef92b289510806c5cb30ffb6afc031d276874b28e33f8afa1eba7dbfcc68ead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45812
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:50:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 20:19:08 GMT
btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame F78E 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663952799.137636,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mel11223-MEL
interact
edge.adobedc.net/ee/v1/ 		725 B
838 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=bd77f951-4437-4104-a646-b893ff585229
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-112.data.adobedc.net
Software
jag /
Resource Hash
ee1a4962f646187a69bcd2cfef58cfe2770e0ff7b4f658af1188978df66d16cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 17:06:39 GMT
content-encoding
deflate
x-content-type-options
nosniff
x-rate-limit-remaining
599
x-adobe-edge
OR2;9
vary
Origin
x-xss-protection
1; mode=block
x-request-id
bd77f951-4437-4104-a646-b893ff585229
server
jag
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.geelongadvertiser.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.9.37:fc1cc715
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame F78E 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663952799.137657,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mel11223-MEL
UH6TUt9n
sync-tm.everesttech.net/upi/pid/ Frame F78E 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663952799.202404,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-mel11223-MEL
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b12_homepage_S&asn=homepage&fp_id=mqmi9gi83q4ukwnsj9xtwhngu2bvs1663952797&fp_cr_tm=1663952797205&fp_acc_tm=1663952797205&fp_emm_tm=1663952797205&ve_id=&sessionId=hazhjjquarexmaygh8zt7mw3dmpam1663952797&prv=1&c6=vc,b12&ca=NA&c13=asid,P9639CC51-2F11-48E8-B888-393496680A12&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,26gvw7tshdfq3lh1qnsvxjo6w1vpe1663952797&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16639527972028603&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1663952795806&c3=st,c&c64=starttm,1663952798&adid=1663952795806&c58=isLive,false&c59=sesid,&c61=createtm,1663952799&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1663952799&rnd=531733
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.71.162 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-71-162.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F78E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy3nnwAAAJwOyQN8
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy3nnwAAAJwOyQN8
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663952799.304043,VS0,VE0
x-served-by
cache-mel11223-MEL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy3nnwAAAJwOyQN8
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
up_loader.1.1.0.js
js.adsrvr.org/ Frame BB7F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 16:14:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
3108
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
SIN2-C1
X-Amz-Cf-Id
KKjO508YVROFpEXnNp6V-F4k_Ci9d52zaJIs6y9fGvlO3-9UsVhOJA==
up_loader.1.1.0.js
js.adsrvr.org/ Frame CC1D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 16:14:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
3108
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
SIN2-C1
X-Amz-Cf-Id
Ok0OPqYYJTOjwXDlQXX0JRPIKAmU2WNNngFbfZIlkmHIYK14NnTCaQ==
pixie.js
acdn.adnxs.com/dmp/up/ Frame B6F2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:06:39 GMT
Content-Encoding
gzip
Age
40128
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21934-LGA, cache-mel11240-MEL
Access-Control-Allow-Origin
*
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1663952800.551527,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 5229
activityi;dc_pre=CNuNt5yzq_oCFc4ztwAd8JkG8Q;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879
8228261.fls.doubleclick.net/ Frame 66CD
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuNt5yzq_oCFc4ztwAd8JkG8Q;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=532727027066...
402 B
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuNt5yzq_oCFc4ztwAd8JkG8Q;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879?
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
cafe /
Resource Hash
2b60dbffb3424bcd9013dfd27824cc3390588346d7ae420ac485847b23f0a6d0
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
329
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:40 GMT
expires
Fri, 23 Sep 2022 17:06:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuNt5yzq_oCFc4ztwAd8JkG8Q;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CMqOt5yzq_oCFbFRfAodjDgFtw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287
8228261.fls.doubleclick.net/ Frame 5B36
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CMqOt5yzq_oCFbFRfAodjDgFtw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=697184585544...
402 B
440 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMqOt5yzq_oCFbFRfAodjDgFtw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287?
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
cafe /
Resource Hash
cfbaebc48bb4435695bdd56880c4e0931f2fed69d8f4db4be87c229b9463e126
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
329
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:40 GMT
expires
Fri, 23 Sep 2022 17:06:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMqOt5yzq_oCFbFRfAodjDgFtw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 02DF 		115 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c94562cf8c1200eda7d0027734bffa0e186d2f563242bead164fb3ceba68cf74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46643
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 17:06:39 GMT
js
www.googletagmanager.com/gtag/ Frame A807 		115 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
53c51edafb8aba1426a85eb7e447bc610b540d157d8629af90df62874065f8e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46578
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 17:06:39 GMT
sync
ups.analytics.yahoo.com/ups/55953/ Frame AD71
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:s5u42vo&fmt=3
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=Nzk2ZjkxZjUtNmMxOS00MzEwLTlkOGUtOTZkY2Y1YmVkM2Qw&gdpr=0&gdpr_consent=&ttd_tdid=796f91f5-6c19-4310-9d8e-96dcf...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&google_gid=CAESEH4rmW6rxk1Jg8Pg_8BbhC0&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3i1W7bZE2uLGvQFksv2QoAt_hmX1i9k-~A&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&_origin=0&gdpr=0&gdpr_consent=
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:40 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&_origin=0&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
activity
au-gmtdmp.mookie1.com/t/v2/ Frame B0EF 		43 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296536&src.rand=[timestamp]
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
px
secure.adnxs.com/ Frame 387F 		43 B
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=879169&seg=9702350&t=2
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:40 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b764c66e-1c7b-434b-9245-26a3f7865893
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1050017&seg=15376868&t=1
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:40 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4ed474d4-7511-4047-abd5-164a9d04f91b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1050011&seg=15376717&t=1
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:40 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d7ec3201-cc23-44bd-98ea-08213ae776db
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F78E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nnwAAAJwOyQN8
1 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nnwAAAJwOyQN8
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663952799.439621,VS0,VE0
x-served-by
cache-mel11223-MEL
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nnwAAAJwOyQN8
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L... Frame 6417 		1 KB
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L.B1.O/am=ZAAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4EDhYh-tN9DqaNmgfXpyBU9VUs8w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6afx_BoIQe3zX-a5Gz89gg1xKgNw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
736c2d3c83596bc17524d1a9bce892412356d62d1cf2093c3346c6a89172ed94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
686
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:50:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 20:19:09 GMT
partner
sync.search.spotxchange.com/ Frame F78E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nnwAAAJwOyQN8&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nnwAAAJwOyQN8&img=1&__user_check__=1&sync_id=174a709b-3b62-11ed-ac8e-1805dd570507
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nnwAAAJwOyQN8&img=1&__user_check__=1&sync_id=174a709b-3b62-11ed-ac8e-1805dd570507
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
103.71.26.126 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:06:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
61
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 23 Sep 2022 17:06:40 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=Yy3nnwAAAJwOyQN8&img=1&__user_check__=1&sync_id=174a709b-3b62-11ed-ac8e-1805dd570507
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
35
Connection
keep-alive
Content-Length
0
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 6417 		633 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-5462509913957945408&bl=boq_subscribewithgoogleclientserver_20220921.07_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=61600&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6afx_BoIQe3zX-a5Gz89gg1xKgNw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f139.1e100.net
Software
ESF /
Resource Hash
ecc615c1af700a2627151c23e89445793ef608d505d30f156e35237e079262a7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 17:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixie
ib.adnxs.com/ Frame B6F2 		42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1663952799597&v=0.0.20&u=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&r=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&st=1663952799597&et=1663952799597&if=1
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:06:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
b.php
www.facebook.com/fr/ Frame F78E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nnwAAAJwOyQN8&t=2592000&o=0
43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nnwAAAJwOyQN8&t=2592000&o=0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 10:06:40 PDT
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
OWnFf0o7bebE29gtV8UOERZR2IvqxwOoVpdjCHpnLe/EsKQHa8qIHPnAdOZnim19/CDBmr/ntsQaSP5W1VwqgQ==
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Fri, 23 Sep 2022 10:06:40 PDT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663952800.661800,VS0,VE0
x-served-by
cache-mel11223-MEL
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nnwAAAJwOyQN8&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L... Frame 6417 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L.B1.O/am=ZAAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4EDhYh-tN9DqaNmgfXpyBU9VUs8w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6afx_BoIQe3zX-a5Gz89gg1xKgNw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
fee943a9dad82106a8ac253ed19352785e2db488595759bfb36e8951bc300dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7230
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:50:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 20:19:11 GMT
ibs:dpid=147592
dpm.demdex.net/ Frame F78E
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v038-0de376178.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
HpSgp3+7QtI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
97
date
Fri, 23 Sep 2022 17:06:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1663952800.762464,VS0,VE97
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mel11247-MEL
log
play.google.com/ Frame 6417 		131 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6afx_BoIQe3zX-a5Gz89gg1xKgNw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 17:06:40 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 23 Sep 2022 17:06:40 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 23 Sep 2022 17:06:40 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6417 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6afx_BoIQe3zX-a5Gz89gg1xKgNw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 17:06:40 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 23 Sep 2022 17:06:40 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 23 Sep 2022 17:06:40 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6417 		131 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6afx_BoIQe3zX-a5Gz89gg1xKgNw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 17:06:40 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 23 Sep 2022 17:06:40 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 23 Sep 2022 17:06:40 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
0
sync.1rx.io/usersync/adobe/ Frame F78E 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:40 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
log
play.google.com/ Frame 6417 		131 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZAAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6afx_BoIQe3zX-a5Gz89gg1xKgNw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 17:06:40 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 23 Sep 2022 17:06:40 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 02DF 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15701
x-xss-protection
0
server
cafe
etag
15927311876428925992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 17:06:40 GMT
tme
lm.serving-sys.com/lm/ 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-107.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
conversion_async.js
www.googleadservices.com/pagead/ Frame A807 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15701
x-xss-protection
0
server
cafe
etag
15927311876428925992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 17:06:40 GMT
tme
lm.serving-sys.com/lm/ 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-107.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.geelongadvertiser.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
up
insight.adsrvr.org/track/ Frame 0C9E 		982 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=xmwilhl&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&upid=gwdsao6&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
a46dd848c076bfbe6e97097adf39d1931317a0a8f6ead76c4cc843be3490ee81

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 17:06:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
13726
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-112.sin2.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 17:06:41 GMT
via
1.1 29538516c408fc0fb7e987b242cec184.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amzn-requestid
5183d521-10ea-4f54-8ccd-e5de495ca69c
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-632de7a1-2b0068f65bbae5da65d17e45
x-amz-apigw-id
Y7EhOGUojoEFYXA=
content-length
25
x-amz-cf-id
1V58tlXkIPgBnZmgixbROJwcP57zR2RBXIyb9IINPLRdQ4oc0Jd4gw==
up
insight.adsrvr.org/track/ Frame F3F6 		982 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&upid=3ausds4&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0858a9148363746faebe3b6c8af106af3bc4c3c0254da6f80e8524fbbc72cef9

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 17:06:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
dc_pre=CMqOt5yzq_oCFbFRfAodjDgFtw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287
adservice.google.com/ddm/fls/z/ Frame 5B36 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMqOt5yzq_oCFbFRfAodjDgFtw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMqOt5yzq_oCFbFRfAodjDgFtw;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6971845855445.287?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CNuNt5yzq_oCFc4ztwAd8JkG8Q;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879
adservice.google.com/ddm/fls/z/ Frame 66CD 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNuNt5yzq_oCFc4ztwAd8JkG8Q;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuNt5yzq_oCFc4ztwAd8JkG8Q;src=8228261;type=invmedia;cat=newsc018;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5327270270667.879?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 0C9E 		487 B
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=xmwilhl&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&upid=gwdsao6&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 16:41:54 GMT
Via
1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
2694
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
SIN2-C1
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
fjJKl-AcQ693nL382tvLMzh2eYcPUWRdHY-oAtefIV8l2--eVYii5A==
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame F3F6 		487 B
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&upid=3ausds4&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 16:41:54 GMT
Via
1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
2694
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
SIN2-C1
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
kcdh79CXmVh7fn5-fIV3YBnMz-bNvHk4K1hkcZ9nBueVLWo1a6qRYQ==
rum
dsum-sec.casalemedia.com/ Frame 9DE1 		43 B
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expiration=1666544800&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f4df4d4c525ab0-MEL
content-length
43
content-type
image/gif
date
Fri, 23 Sep 2022 17:06:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ic7UR90MGBXDvoq840JL4vknW1SBsw%2BBS2%2Bm30byVwZ%2B9%2Ft4viCMTO6qxplYz83ZzUmFJOEeOTpMbLm5AAAVwt1997M0hptVB3drHMS1pkHUyfSpvuKMuX89jFmJl%2BTUesLo7oRfczwtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
avd.innity.com/bounce/ Frame 1E1F
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=6b38cf62-f3ea-4952-8c0a-9f3fa1097def
  • https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D6b38cf62-f3ea-4952-8c0a-9f3fa1097def
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D6b38cf62-f3ea-4952-8c0a-9f3fa1097def
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 23 Sep 2022 17:06:41 GMT
Expires
Wed, 04 Aug 1985 12:59:00 GMT
Last-Modified
Fri, 23 Sep 2022 17:06:41 GMT
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Pragma
no-cache
Server
Apache

Redirect headers

Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 17:06:41 GMT
Location
/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3D6b38cf62-f3ea-4952-8c0a-9f3fa1097def
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame 2088
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 17:06:40 GMT
server
nginx

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
313
content-type
text/html
date
Fri, 23 Sep 2022 17:06:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
pixel
cm3.adform.net/ Frame D7BC
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://cm3.adform.net/pixel?adform_pid=3&adform_pc=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&adform_v=1
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm3.adform.net/pixel?adform_pid=3&adform_pc=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&adform_v=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
43
content-type
image/gif
date
Fri, 23 Sep 2022 17:06:41 GMT
etag
"5e73c678-2b"
last-modified
Thu, 19 Mar 2020 19:22:32 GMT
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Sep 2022 17:06:41 GMT
Location
//cm3.adform.net/pixel?adform_pid=3&adform_pc=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&adform_v=1
Server
nginx
rum
dsum-sec.casalemedia.com/ Frame 1924 		43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&expiration=1666544800&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f4df4d4c545ab0-MEL
content-length
43
content-type
image/gif
date
Fri, 23 Sep 2022 17:06:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Bo%2FV5DXjP7RGFyAQ8KyGMVkVPKCQaWBiZ7UESQljZJWbMDbzWIdm1iVawl9tgkttp2GKqnY%2F46vTGg%2FggSt4z0qrs7i4SDBPqW7d1IiLCsFydwe%2F2Tb7cx7kp%2FDbksBzp6iMgRg4GDfTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Pug
simage2.pubmatic.com/AdServer/ Frame 132A
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Sep 2022 17:06:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
313
content-type
text/html
date
Fri, 23 Sep 2022 17:06:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 02DF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1663952800694&cv=9&fst=1663952800694&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&auid=1565954551.1663952800&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
8c8888e3881253590d4beffc2b0dc90768ac55b054bffbe66e140263d25594c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1022
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/820018408/ Frame 02DF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/820018408/?random=1663952800696&cv=9&fst=1663952800696&num=1&label=K_nGCNn0y3sQ6PmBhwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&auid=1565954551.1663952800&gtm_ee=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
bd67da39842af55e0405cfc4ce77f07fa2b88d4bd893495d900bf30fd6e70e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame A807 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1663952800844&cv=9&fst=1663952800844&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&auid=1565954551.1663952800&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
a417c2b63129614e58794e89a60c745f608a234439cd2eadf167070084442ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1023
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-conversion/820018408/ Frame 02DF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=2027693333&cv=9&fst=1663952800696&num=1&label=K_nGCNn0y3sQ6PmBhwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
  • https://www.google.com/pagead/1p-conversion/820018408/?random=2027693333&cv=9&fst=1663952800696&num=1&label=K_nGCNn0y3sQ6PmBhwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
  • https://www.google.com.au/pagead/1p-conversion/820018408/?random=2027693333&cv=9&fst=1663952800696&num=1&label=K_nGCNn0y3sQ6PmBhwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=120...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-conversion/820018408/?random=2027693333&cv=9&fst=1663952800696&num=1&label=K_nGCNn0y3sQ6PmBhwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&auid=1565954551.1663952800&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10LU5WaGowNzJrM0xvYldGZWRJTUVkRTNEWS1pbzFEVi01RVdyVkRmSXhDRTVNGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERFMy1ZOWhHZlRRMGVLTXBWNUMzeUNWdGt5a3h2SEFoRkxkQm9QSGtlc21JcXVrbndPTVJqX3Bp&is_vtc=1&ocp_id=oectY-GVBay-rtoPup-qqAE&cid=CAQSKQCsnQUxawyZXVo_4tevG6z4mfcSkhrOdf-ZCueVIvugUpTHUog3LBPy&random=3706581381&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hBeBgvBcykOAxbNSgKXmOZ4dKKF78jmiX1itUpfnO_osv-kG8S7SUnXA54Kk4v6LLXowSJ2TP297T_-aVCWKvzI
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.com.au/pagead/1p-conversion/820018408/?random=2027693333&cv=9&fst=1663952800696&num=1&label=K_nGCNn0y3sQ6PmBhwM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&auid=1565954551.1663952800&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10LU5WaGowNzJrM0xvYldGZWRJTUVkRTNEWS1pbzFEVi01RVdyVkRmSXhDRTVNGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERFMy1ZOWhHZlRRMGVLTXBWNUMzeUNWdGt5a3h2SEFoRkxkQm9QSGtlc21JcXVrbndPTVJqX3Bp&is_vtc=1&ocp_id=oectY-GVBay-rtoPup-qqAE&cid=CAQSKQCsnQUxawyZXVo_4tevG6z4mfcSkhrOdf-ZCueVIvugUpTHUog3LBPy&random=3706581381&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hBeBgvBcykOAxbNSgKXmOZ4dKKF78jmiX1itUpfnO_osv-kG8S7SUnXA54Kk4v6LLXowSJ2TP297T_-aVCWKvzI
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:41 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Sep 2022 17:06:41 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.geelongadvertiser.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.geelongadvertiser.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		154 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=622803484893169&correlator=3393921728693272&hxva=1&scor=1354655507318852&eid=31068457%2C31069792&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=5129%2Cndm.gea%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ifi=1&adks=2387509022%2C861514627%2C1787839341%2C2113768957%2C2902378627%2C1535257480&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D16773bff-3b62-11ed-944d-02aa41dfc264%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D16773c00-3b62-11ed-944d-02aa41dfc264%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%26pub%3D40%26hb_format_ix%3Dbanner%26hb_size_ix%3D300x600%26hb_pb_ix%3D0.72%26hb_adid_ix%3D38dc72795d530dd%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.72%26hb_adid%3D38dc72795d530dd%26hb_bidder%3Dix%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D16773c01-3b62-11ed-944d-02aa41dfc264%7Cpos%3D1%26refreshed%3Dfalse%26id%3D16773c02-3b62-11ed-944d-02aa41dfc264%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D16773c03-3b62-11ed-944d-02aa41dfc264%7Cpos%3D1%26id%3D16773c04-3b62-11ed-944d-02aa41dfc264&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D08894a8a6f66376158817cd1139ca11b%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26snol%3Dd%252Ce%252Cg%252Ch%252Ca%252Cb%252Cc%26abtest%3Da%26pvid%3D08894a8a6f66376158817cd1139ca11b-00000000000000000000000000000000-1663952795758-111318%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3006644_PG%252CIAS_1500903_PG%252CIAS_1500902_PG&sc=1&cookie_enabled=1&abxe=1&dt=1663952801278&lmt=1663952801&dlt=1663952793418&idt=3723&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C467%2C10967%2C12200%2C4485%2C12920&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&frm=20&vis=1&psz=1600x134%7C300x276%7C300x250%7C1600x720%7C1248x0%7C1600x12938&msz=728x93%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1188234593.1663952801&ga_sid=1663952801&ga_hid=1736176965&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
f5c6555e4ee811a08101c2b9b650ce268ac0866919b607f23635d6dd4a16465a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42483
x-xss-protection
0
google-lineitem-id
6084598215,6084598215,-1,6084598215,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404672816,138404823462,-1,138404672819,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.geelongadvertiser.com.au
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6DE9 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:41 GMT
expires
Sat, 23 Sep 2023 17:06:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/820018408/ Frame A807 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1663952800844&cv=9&fst=1663952400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&async=1&fmt=3&is_vtc=1&random=1581472712&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame A807 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1663952800844&cv=9&fst=1663952400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&async=1&fmt=3&is_vtc=1&random=1581472712&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 02DF 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1663952800694&cv=9&fst=1663952400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&async=1&fmt=3&is_vtc=1&random=3957415289&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame 02DF 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1663952800694&cv=9&fst=1663952400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&async=1&fmt=3&is_vtc=1&random=3957415289&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.17.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-17-99.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.geelongadvertiser.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 17:06:42 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.17.99 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-17-99.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.geelongadvertiser.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 23 Sep 2022 17:06:41 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D2E8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=77759
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 17:06:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 24 Sep 2022 14:42:40 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9EB8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
30768
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Sep 2022 17:06:41 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 22382
X-Served-By
cache-lga21981-LGA, cache-mel11240-MEL
X-Timer
S1663952801.369507,VS0,VE0
usermatch
ssum-sec.casalemedia.com/ Frame 1B0B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc2ef67816be57f7e478d2560f7beba64c98bbfcfac900ee02ad5f468695d8e9

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f4df51f9ee17ca-MEL
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 17:06:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpqRqQZKNGoSBi1iQ26FcjALk4A7pxnGL7Swxtc%2BoMkUYecX95teLXpuiWM%2Fs%2Fo6HoZX%2FwZhD1OmnO7kIALDKZ3UrWaHilVOXnwLwboae1t7ZZEKB9g0RQamSDW%2FWBgIKQfEPzwLBeQ59A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C91C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 17:06:41 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E1E9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.74 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 17:06:42 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5813278693740145724
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=5813278693740145724
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Server
34.102.253.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:41 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
68271b4e-b97d-4d80-8cae-5044997b08d2

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:41 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
85fc0792-4879-43ff-ae14-6775ee20aff6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=5813278693740145724
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9EB8 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:41 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
19d081ae-109e-42bc-8abd-973a95fbf999
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D2E8 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15526301&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
833e1b8b18e560524beba005aee4bd36a6a21fd95a0ec607c609e89649f27e2d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame 1B0B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:43 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
84AMFB9CM5WRAZBTAHHZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:42 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
FAGJ3EE6PB5AXCXX5H58
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 1B0B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKhtnjfCqFHNKpauizbVnlA&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKhtnjfCqFHNKpauizbVnlA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df560b7bdf1c-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIk8zFZCVwEDRZ%2FzOIY7FZho66RNXtMiNygy%2BQLzl%2BwWg3ci%2FtrBvXT2J9XFuCfN2F25QII62aIsmU7pn3c2XldaubfM4RDVDx8MH5klcYWq3QIaravgoJ%2BnhySpM1vyG1YkzSuyIVqriw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKhtnjfCqFHNKpauizbVnlA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1B0B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy3nnpaHoO2gg-757ik6gQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df587d443779-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJlrxLWT9mwYzJqiXZBErc1xjDcrjZ%2BLmUGqSdxduo1LMsYKcgYD2wIlCBellraASf8tkJGzARmw5ojLw9JlzUEoDbRTRySLT9AV3tSQ%2FkoIIiQRtCBvKsHGZl2PK3K%2FuwDm0OcELymmVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1B0B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5813278693740145724
43 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5813278693740145724
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df55ebdd3779-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFG9qcgSgJhGZgmbxqoHdK6KbeV5clBUo7UExDBuSek1adLaTJi8S1u1HLZhlDCiKo80h6phpBzfVusF1ZrKRogbU7oVbWffeWmrw2ovpJd1%2B30t5k2oWoou41sJ45sFCExkqcKpVn1RIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:42 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
13e31727-6bd2-4a95-a0b7-fa8919b79190
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5813278693740145724
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.loopme.me/ Frame 1B0B 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.173.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74f4df558c3817cc-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1B0B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Server
54.254.175.9 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-175-9.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB
date
Fri, 23 Sep 2022 17:06:42 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 1B0B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=iuYvbNnifDqR4Cg8ju0waoqxLzuRsC4_3bZGUXTu
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=iuYvbNnifDqR4Cg8ju0waoqxLzuRsC4_3bZGUXTu
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df578cb73779-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wvT5H%2FegP8nmGF0ZqQul%2FIX%2Bfq4FrtQmUVgXGxDMhm0GO%2BTkxGE7r7E1a6xKU67SirQbP%2FAwFeFPbfSp7I5eWda2i4VVVvY3t%2FpbgQZO1zMFxejfvrrPAMnMSFmaCfwvuxEgXyrOolCOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=iuYvbNnifDqR4Cg8ju0waoqxLzuRsC4_3bZGUXTu
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 1B0B 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.137.171 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-137-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 1B0B 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Yy3nnpaHoO2gg-757ik6gQAA%264781
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.159.19.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-159-19-19.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1a-i-0251399da6ca69683
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Sep 2022 17:06:42 GMT
usync.js
eus.rubiconproject.com/ Frame C91C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f9cf5054354592eaa1b15b0730066d22b155be4f64e24c9f1fa1519786a67156

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:06:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=78739
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Sat, 24 Sep 2022 14:59:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 89E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjuPiQxGaI1X0Vyy3SQ8np_CF1umfJISOzGDdKEk2OO5HSv3s69_ixgZRFwwhq7HJwlxIebi1fGhF8KoVx4GCrjHCibiHJ31aDWKwXq3PYlQsDg7k8VXFNU3qiwLuDjZwTA221TkoxZKzn5dj4ccUbRPNxx4J6WqzhGakDxhCkhJslVHByWjPjnx0RTOfiE4PlCIoUTs3IVOAPr2eQ8Zhopldh2By15IOkEZTkTSRVft8iyC9-FhqYOn5ubmxOG74oiFK-83CBiB7lBF_2CwGAh_UJJo94EYfcLuXp7WuPDYx62e4u9DrE24vAMEZ2DWnOeF6wiw1F31dDLdvrZOQT52gr-oXz9qA&sai=AMfl-YQYRwwu2_65xeSXhp6_X2192480-P0fIuJ2mCMPVmD4klM-Gu4_sliCesRY8rMK_YCcWVxIhWM-6uyjatBFh5-PXJTASuKCq2QDkfM8iiwMSnCWwJLtLtVqeyna48w&sig=Cg0ArKJSzAS8VAG2amFcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
invoke.do
invoke.bonzai.co/mizu/ Frame 89E8 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2667695426079974765&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2668893237469588086&rnd=442779201
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.169.102 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-169-102.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
62b3645c392de532ff7140aa908c975608b68ae273695cfd1f67bf9d81ae009b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
Jetty(8.1.7.v20120910)
content-length
9628
content-type
text/html;charset=ISO-8859-1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 89E8 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:06:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F753 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWyFmv9ml1CxIBDTGrmcYwNgO5hr8bHuLUdQPsDp_SIpRQPgmwnK07JSqSGs1-qReppnznUoc5Ya-IVAistdClpGHmDwu9YRX5vkNQ8qp6XWh9WEPGzDQesYBo38XxRqVtqBuO31r8-uPGlt6JlUcoU41ekoiocULEQMMXCY8XROjYE5lb7OOz1MtfQSuW9905FeIkC6C69iND4a8e6BWUGozv3FQ9nRGcXPwi8RLnsXik_7RUpFbOZDmqUQ_oZapybW1kRYQ8myCrOJmjK7beYyuHRy4wCBOQNQk-AWlY5VO-oJhSIM2cFUdL9AMly0GhdahmtizxQ_c15nh94WPiTXpOJx1nOUE&sai=AMfl-YQFZZy2CNSh5Ep80La4FkLrILa1PBoDzdCD-109WkOIHFOr7xa69-VcA1yX2Aez3QvArk0J7kp-3oMEDBYCHNKoIrh1IifmmjVHb-VoSwNPnzMpTtB4_RUgSN5twYE&sig=Cg0ArKJSzBXPXiFtTTTxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dcmads.js
www.googletagservices.com/dcm/ Frame F753 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:41:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F753 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:06:42 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209072154000/ Frame 3B7D 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
345465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61518
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b9e6b1d3ca7cc68d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 3B7D 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
345465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dcaf3864e0ab6b08"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:57 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 3B7D 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
345465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"95b4b320f7966d1a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:57 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 3B7D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
345465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1908
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5561dff7c028bd87"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:57 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 3B7D 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
345465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12958
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 17:08:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00747b471d2f1a24"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 17:08:57 GMT
truncated
/ Frame 3B7D 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef4d95f6b93e43438503cad780dc9055d135e72ebdad20142a460ab523f2414c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
12319754631799148158
tpc.googlesyndication.com/simgad/ Frame 3B7D 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12319754631799148158?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmc29IAFPvwTxJBnX8T9bSAFCHOkw
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
870264d61a39307a5e52ad0a617e6b1f5f9455c58ffee2615d4ea86e549b6805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 05:49:00 GMT
x-content-type-options
nosniff
age
127062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21102
x-xss-protection
0
last-modified
Sun, 03 Jul 2022 17:37:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Sep 2023 05:49:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3B7D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 04:28:47 GMT
x-content-type-options
nosniff
server
cafe
age
45475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Sat, 24 Sep 2022 04:28:47 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3B7D 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 03:55:19 GMT
x-content-type-options
nosniff
server
cafe
age
47483
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Sep 2022 03:55:19 GMT
l
www.google.com/ads/measurement/ Frame 3B7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtg_KWQnj8CPYoI3xi02MSA2pBiZJ_U-CURR5wpd5Vvw8fCUedHAGZc2KGsCCeULV8Au4kJrXIgv62pfh596uTu5FbZQ
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3B7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf4pxoectY4TtHI-KoAPZ4oGQC7PFpMRs7uvpt4gQ07eFxvYuEAEgi4iDKGClwKOApAGgAfTEkJ8CyAEC4AIAqAMByAMIqgSVAk_Qsf6VfLYkxyrSgMZCe_iyRAcI4mZB2O80Q_xD8Odgqeo9WQhalRQP0jhwV6kXlK3KGzzmK0iMm3LtYOwAM0t64iV7kdQwsj7OENJA5-whKVFG9T_i9erK-_m5URsXInv16HkwFUTGOvNcXGAR_-HL8UH8maJHD-ESVkoUcvgMXupvh7s9vUbJRK4F7Hg4CgkVvJ0bevZr5qKmfEU0jMYWvoBfMYkpzxdGEtteqb9xDoDlgWTjIY9uoimWr-NZxs3VsfrSJfYqHxAN_VlTYiXYDSqhGKHH6ydl2s_nZcfsshc75c2zQoWOA-4gt_8Z4aFBq2Yx4tiUO4fWguaiuzQxanbVBg_c8p3l9qPZgIcXAkRFe3zABMufzYWFBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfEpvLgAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ3sDdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi05MTcyNzAwNTg3MTc1MzMyGNfPEg&sigh=8mojgdAG5gc&uach_m=[UACH]
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 222B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK6fWUy9sR9i2FsuKf8nqxWBCHE2O0YHSDFEIkO0vu5QsN-nIG1TtiVUVPqCWC_5KiIS6jE-12YIFyVJlb5T1veI0OSTcEaXi5Qc7yJwQb2yaqbW89l6_8lbU2eUs4EgvQNSav5OftWh7SP5MVtH4zN85F3oD3t3aQuz-uqxuWnQ6UsIlfK7nMdXA9bbPJc_knhkw1niLKcKFd3hLi70hKMDDFgl0Hm0uPP57QlZMCjLWv76a6fRm1SQlytXHOfS_iDbcyKoCKoIftZJNS0sHsuazxc-MPbd-Dk0GijxMcGJXNmDuuFuEUTaW2k2U1uLksLucCGU66adsYhUYHla0ITCnZe_sme5E&sai=AMfl-YS67bqlSm53yViHDVgIj4CPR5XQ9ypyK-4OW1zlY3RmD0Ln_XKEMkq7-6oWivFc2Mmb96XFQKM4_HgC9pBGYThJ1xkl7MDPSbkqw-Vfp0f1AYbVxGdmMWBlsHpXxOY&sig=Cg0ArKJSzCBEyBN6cfrJEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame 222B 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9559
x-xss-protection
0
server
cafe
etag
12142024561622733046
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 16:05:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 222B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 15:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 15:57:41 GMT
l
www.google.com/ads/measurement/ Frame 222B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwA16g2GdIXSQ1lxk3N7aOxGFHh2gyFvUzp9-DrIrC-Fh_a1tNpBJCi9gZAmuTNoTWJA2UKVrVQwBHC7kkitVzFkVfug
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 222B 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:06:42 GMT
12622815879202487009
tpc.googlesyndication.com/simgad/ Frame 222B 		95 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12622815879202487009
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 15:54:16 GMT
x-content-type-options
nosniff
age
436346
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 02:12:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Sep 2023 15:54:16 GMT
container.html
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B873 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:41 GMT
expires
Sat, 23 Sep 2023 17:06:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatch
ssum-sec.casalemedia.com/ Frame 6C6A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcb4df11cffa363c922ebd2c2dd3882bdb358ff2301287aa130049b3192a8db8

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f4df560b7cdf1c-MEL
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 17:06:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djxhdzdlr1rlNdC%2BnNm6zIPsEcO70jGfLeB%2F%2FFwTl7EKspzmuwkRzlnmOWZy9NIaIPmDxvVlmRz8OQdZ6zTx%2BG6NZmG5pXkvPkMoGc4wFBxIuVqmp1aTvop3QmsFIr48auW5j7PcR8MC5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
match
c1.adform.net/serving/cookie/ Frame DFBB 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6A8F5D5D-CD9F-4374-AA63-A93E537158F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 23 Sep 2022 17:06:42 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame CD7F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8fee632d-e79f-4400-a24d-1d97c0326103&gdpr=0&gdpr_consent=
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8fee632d-e79f-4400-a24d-1d97c0326103&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Sep 2022 17:06:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 23 Sep 2022 17:06:42 GMT
Expires
Fri, 23 Sep 2022 17:06:41 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master hkg-pixel-x18 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:8fee632d-e79f-4400-a24d-1d97c0326103&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame C3AF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nnwAAAJwOyQN8&gdpr=0&gdpr_consent=
1 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nnwAAAJwOyQN8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 17:06:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 23 Sep 2022 17:06:42 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nnwAAAJwOyQN8&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11223-MEL
x-timer
S1663952802.202793,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D2E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ao9dXc2fQ3SqY6k-U3FY9g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=77758
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 24 Sep 2022 14:42:40 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame D2E8
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=6A8F5D5D-CD9F-4374-AA63-A93E537158F6
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDZBOEY1RDVELUNEOUYtNDM3NC1BQTYzLUE5M0U1MzcxNThGNhAAGg0Ios-3mQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9226d401a513a7a994dd2d893dd3f16049dcda762f7b82fe3002a0c3cb0b8019791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5MjI2ZDQwMWE1MTNhN2E5OTRkZDJkODkzZGQzZjE2MDQ5ZGNkYTc2MmY3YjgyZmUzMDAyYTBjM2NiMGI4MDE5NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5MjI2ZDQwMWE1MTNhN2E5OTRkZDJkODkzZGQzZjE2MDQ5ZGNkYTc2MmY3YjgyZmUzMDAyYTBjM2NiMGI4MDE5NzkxNDI2YjU0MTdkY2UyMRAAGgwIo8-3mQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=d3b190f8-2352-47ac-8620-d93c1afa8445
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=d3b190f8-2352-47ac-8620-d93c1afa8445
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:44 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=d3b190f8-2352-47ac-8620-d93c1afa8445
date
Fri, 23 Sep 2022 17:06:44 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame D2E8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8fee632d-e79f-4400-a24d-1d97c0326103
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8fee632d-e79f-4400-a24d-1d97c0326103
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 23 Sep 2022 17:06:42 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8fee632d-e79f-4400-a24d-1d97c0326103
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Sep 2022 17:06:41 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D2E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkE4RjVENUQtQ0Q5Ri00Mzc0LUFBNjMtQTkzRTUzNzE1OEY2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D2E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENuYaYP786c68KH36c-eHhs&google_cver=1
42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENuYaYP786c68KH36c-eHhs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENuYaYP786c68KH36c-eHhs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D2E8
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:27B51453092447D2BF2D47D286C6E8A3
42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:27B51453092447D2BF2D47D286C6E8A3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 23 Sep 2022 17:06:42 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:27B51453092447D2BF2D47D286C6E8A3
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 22 Sep 2022 17:06:42 GMT
6A8F5D5D-CD9F-4374-AA63-A93E537158F6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D2E8 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6A8F5D5D-CD9F-4374-AA63-A93E537158F6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.175.9 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-175-9.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame D2E8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame D2E8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10527164130562359916&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10527164130562359916&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=de7e6ac4-4aca-4e53-84d1-6f296b51a1cd&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10527164130562359916&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232893304283011601118&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10527164130562359916&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:44 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=6b38cf62-f3ea-4952-8c0a-9f3fa1097def&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 23 Sep 2022 17:06:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame D2E8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6A8F5D5D-CD9F-4374-AA63-A93E537158F6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-es2C3xhE2uXo1VK9rwYn_jTp91SdjvU-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-es2C3xhE2uXo1VK9rwYn_jTp91SdjvU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-es2C3xhE2uXo1VK9rwYn_jTp91SdjvU-~A&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 17:06:42 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame D2E8
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tQ7AC-YKk12uCMdctA_fCucOl1auW8JWtwROe5Tz
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tQ7AC-YKk12uCMdctA_fCucOl1auW8JWtwROe5Tz
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
67.199.150.86 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tQ7AC-YKk12uCMdctA_fCucOl1auW8JWtwROe5Tz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C91C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFiMWQwYzU3YmY1NGYwMjBkMjY0OWZmNWM3ODNkMTQ1ODVlZTM4YQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFiMWQwYzU3YmY1NGYwMjBkMjY0OWZmNWM3ODNkMTQ1ODVlZTM4YQ
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFiMWQwYzU3YmY1NGYwMjBkMjY0OWZmNWM3ODNkMTQ1ODVlZTM4YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C91C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/i-LExY4hJkePT7hrosRYGA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2032478179009483625
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2032478179009483625
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Content-Type
image/gif

Redirect headers

date
Fri, 23 Sep 2022 17:06:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2032478179009483625
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame C91C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=796f91f5-6c19-4310-9d8e-96dcf5bed3d0&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
setuid
px.ads.linkedin.com/ Frame C91C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EQJ7UW-4-7HYR
0
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EQJ7UW-4-7HYR
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 31A4D16AF22E464A9AD8B21EC77B8373 Ref B: MEL01EDGE0816 Ref C: 2022-09-23T17:06:43Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpWzPAsV2cnlgp3syn5w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EQJ7UW-4-7HYR
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C91C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Av6cIrlxTyW_2uQ-njo8xA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Av6cIrlxTyW_2uQ-njo8xA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Av6cIrlxTyW_2uQ-njo8xA
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:44 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
F70ZQVAXRKMETAV5R0E0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Av6cIrlxTyW_2uQ-njo8xA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame C91C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=aDnM8ovLRLqLI8JgcKAOQw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aDnM8ovLRLqLI8JgcKAOQw
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aDnM8ovLRLqLI8JgcKAOQw
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:43 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
2MTCJ3BRFN8R16NYYT3B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=aDnM8ovLRLqLI8JgcKAOQw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C91C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKEH6uO1EMoKmC9bvVkufDA&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKEH6uO1EMoKmC9bvVkufDA&google_cver=1
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKEH6uO1EMoKmC9bvVkufDA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C91C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFUUo3VVctNC03SFlS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFUUo3VVctNC03SFlS
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFUUo3VVctNC03SFlS
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
truncated
/ Frame 89E8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ce41d6a3482778598be8fc7dd6ce703df6099fc19179ad8bf86d512ad0f232b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 95EA 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404672816&pubOrder=3065307254&cb=1567628727&custom=homepage&custom3=168400271&adsafe_par&impId=16773bff-3b62-11ed-944d-02aa41dfc264
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.47.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-59.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
daddc797c353b28216270baf1ab8cbca500e40868699b2167a5fa0553efdc933

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame F753 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:41:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
354326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 14:41:16 GMT
truncated
/ Frame 222B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b31457d82cc8a6eda395f7cb5eccd3e723dce14ef989f8a80b95464a1794fb0f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3B7D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date
Fri, 23 Sep 2022 17:06:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
2667695426079974765_1663210826930_script.js
massets.bonzai.co/ Frame 89E8 		355 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/2667695426079974765_1663210826930_script.js
Requested by
Host: invoke.bonzai.co
URL: https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2667695426079974765&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2668893237469588086&rnd=442779201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8aecd453ecab4f8fe3d75b3ee162a5ae60eb75f1a2e96ae77120b5af6d585a19

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 05:44:58 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 03:00:36 GMT
server
AmazonS3
age
645705
etag
"319e4e9c7772b71899a2d14a3be6f966"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
cache-control
max-age=31104000
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
162240
x-amz-cf-id
E9yxFyDbPUb7aAL5otAYEHRt7bnIeHlwDm72f_zapWWZeVOBBiiYrw==
rec
collector.bonzai.co/ Frame 89E8 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=pre-preimp&tk=e8bbcae8b2814452c9de402d82cb6dac&ad=2667695426079974765&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.94.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-94-181.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
B28556856.345858790;dc_pre=COfT452zq_oCFdCScAodrpIBrA;dc_trk_aid=537689582;dc_trk_cid=178087208;ord=442779201;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/ Frame 89E8
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28556856.345858790;dc_trk_aid=537689582;dc_trk_cid=178087208;ord=442779201;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
  • https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28556856.345858790;dc_pre=COfT452zq_oCFdCScAodrpIBrA;dc_trk_aid=537689582;dc_trk_cid=178087208;ord=442779201;dc_lat=;dc_rdid=;tag_...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28556856.345858790;dc_pre=COfT452zq_oCFdCScAodrpIBrA;dc_trk_aid=537689582;dc_trk_cid=178087208;ord=442779201;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N558804.2144923NEWSCORPAU/B28556856.345858790;dc_pre=COfT452zq_oCFdCScAodrpIBrA;dc_trk_aid=537689582;dc_trk_cid=178087208;ord=442779201;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rec
collector.bonzai.co/ Frame 89E8 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?mode=test&adid=2667695426079974765&tk=e8bbcae8b2814452c9de402d82cb6dac&domain=www.geelongadvertiser.com.au&pagename=/
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.94.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-94-181.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6C6A 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy3nnpaHoO2gg_757ik6gQAAEq0AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.175.9 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-175-9.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 6C6A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACMvU7GW88AAB40f0rw4g&expiration=1665162403
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACMvU7GW88AAB40f0rw4g&expiration=1665162403
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df5ff8fc3779-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fCZ8jb4JIAuzAmlN%2FJBMv1FaR6oqJWKG7M7orirGyUKUfHApxASX2QJznt4xzdvvkZpXKzQQ6ZbU06Gu6sqoZfJlhKezgl3kRSmm2mZcFtRTdS3pUldI9j98hepLxDs47hVXmrw7qDDyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACMvU7GW88AAB40f0rw4g&expiration=1665162403
Date
Fri, 23 Sep 2022 17:06:43 GMT
Server
gunicorn
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 6C6A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3810868978671773715
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3810868978671773715
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df59bde23779-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BmvzRL9r%2BL3oQpWg65T24dFBRvM929zD%2FFYUIA34xfkfp4GkMRd84f8dR05qUqlA6ZHe68xcj318icvj6gh1PU%2FqJ%2BD10r0H3LKHShkbGoUcBgeYJMHB%2BN5KuN4ncN1DnR5NeR1h7i4%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3810868978671773715
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 6C6A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nnwAAAJwOyQN8
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nnwAAAJwOyQN8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df590d993779-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FboQjXEKNU3njtBLLdlm0hK4lRxmod1POyT62xU45hneIH2ZjIB6pVnx2U%2F7x3wfR0OTHkJqIeIfzIXRLfOtfxdngEhmvTmJlekhXdJlt%2FrxWJ7lnqsuN%2FGqU5FLOkArJ8qRsAENhi2rUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663952803.630989,VS0,VE0
x-served-by
cache-mel11223-MEL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nnwAAAJwOyQN8
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum.casalemedia.com/ Frame 6C6A
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=558f1ef6-60c1-98ff-5d1b76c6
43 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=558f1ef6-60c1-98ff-5d1b76c6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df5b492f3774-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuMcUOrVFaT%2BBSSqU8OOLJGdyv2pg%2F2PW%2FUSEh059K3GqHoOS2be%2FgQV2zsLCD6pdBnC7gDrPVo2ec1XIwseeVfHpWv%2FXJhcpDrRPG0ryRYQnC9Sicrwc6pKJ9RhAPioUyYxllLU"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Sep 2022 17:06:42 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=558f1ef6-60c1-98ff-5d1b76c6
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
ibs:dpid=23728&dpuuid=Yy3nnpaHoO2gg-757ik6gQAA%264781
dpm.demdex.net/ Frame 6C6A 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nnpaHoO2gg-757ik6gQAA%264781?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.51.167 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-51-167.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v038-08d2cbcb2.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/6kCpspqTRs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 6C6A
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_632de7a30454e&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632de7a30454e
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632de7a30454e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df5cbf513779-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ffk2%2Be484jSifqZDUwc2GOQKkiEbwaL0bPGRfCzRKRmCB3pKUQxKDZFGweNL%2Fh7cYrL8QMPZMHE6l6KV7V8q8OVwQlAxFn77CT7q%2BhtbDxQjreYgWfsM1YpWztc3rzeO6yy5HLtImVYrVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Sep 2022 17:06:43 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632de7a30454e
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum.casalemedia.com/ Frame 6C6A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5813278693740145724
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5813278693740145724
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df5b191f3774-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHTtczgkFPU4lhmA2wHEfgUjhCYJTE3qCEuzwQkU%2FT9ZsGH%2FczrHzvbo3HckFJNMxJfFsLrGDKfFd7PPCZ5OTZ87CJmmBJaxJtLViITWihIXj4OKenC4gg0%2BFsHzth54hDT38hn3"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:42 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
30d7fd6e-c2f1-4051-876a-451082b030b7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5813278693740145724
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6C6A 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yy3nnpaHoO2gg-757ik6gQAA%264781
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df59a87517c9-MEL
date
Fri, 23 Sep 2022 17:06:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
206
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Fri, 23 Sep 2022 21:06:42 GMT
async_usersync
ib.adnxs.com/ Frame 9EB8 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:42 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2ff2b820-1cc2-4100-a069-2499ec49689b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DC46 		624 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQo-roAhi_mc3TATAB&v=APEucNUpaibyvlzvplOR3f2yqQtFjftXr1qEGsW3Yg4OzayQ5ibej4zm1ZRXQT7uRLTabwJhqsCT1fuCGKqUTHbp7dzZ4ifMiQ
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B873 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpU1i7-o4uhKaVVnysHkRkNuNXwX6YdDai3o-suiukyXIIdmObcr9LtV61uRItGFvq6piQrBb_xLCToRFkL0v6sXwFk52lBG4GuZLn3wM9ZBAbDsAva493gY7zoQ84NJI2JGOOaO-BExzZzRYaWAWDnwaUAnicXIsqpls2FWFe-h97eUo&dbm_d=AKAmf-BYbQfZaE8kDMYpLXOlTEQ2HtkCZoyi_No5zwMF3U28Z0TpvnyCjZmgo2OeDWCQGVXKU2Rwwf4h9DrDKeJD9IPtiEIu-XkbD9prgR_JUGV8TQw7EsMO63A_Bvpm8NkFsNat23u0dU-EkYrYY1Lpc3_4eWolskGOj1H9ha-6yoEocFPNFgiXLcwxJPs7L0WF4WR1f2DYFCZo8IzIfVRcdB36wS_7vF-yXyCA5o_8VpaOgro5T_y76DnUAKFdgM8BIBEzp5ZaRqUEegV6Drz2VlJD9iAXSTxiQD94qOrXYazg909HrInrtLQ0bhGPcXVUG7G9ZenEHQ1mD4Oo1MNNezK39bCgYz-VBUyzBovnp6sSTL7ocQLguioTjlvQn2QKsDGo-4ly9QBjCNsFxQyxot30W6zRd3mQWYA5Yg0uke4JgNwttWnbutYMI67Kyw83anXnRAj6MVGIZIIs62HvqJcAswSrpUgYiUaP3Xlsx9FRxJxpKmL_OY35C2qEecLPHcAc5-j1Lv3UTx1BJ7qDGeh5OoiQUiDrUgYawzavP5wqxg3P4GANbyfPzHYYf8Q7gZrUvFlAOANUftbvQyklK9mQZ1a8ivdALCLRZGVhAUUmjzSiq7YkZKeaIMGuxOehaZVABZraWVraBcUhXwJyrl3cuI-WvjM9suPMrRZmDIVcC486ixY5i4mdTpZ1W2m2gxQX0O5hs_KnZJv3klHE3q9j3GnUj2XWUcipaEFObXSSru3RapTeMgrvdVHQFV7HseZUdommvif07eEPwaOAdDezR9jleaUDKlLbkwHeqsKPvlKfMam_7xY-S7UItliqvTIG2hSivCXA1mzzT-aJ9plOkmnD23OcaO0AvGzVPrKYdoeeo-rps_xCLan8I1rPD7_DF9FXFaUGfXVxCzA6h1XXV3KYIxTm9dqEDrkrP4TIiq_AmzaPLNg3DUltNqsq0WV9KVKq1NGR6Io4HxVJVO-3hHQpJucxT1gF6uMqSZKyri_gXW98oZIOD8xCGz3jxuV_TAfZsSeUStBhgT2KFMpzxMYO7WDaiqghN1d2XuktLi5gY-LPYNKkwFGVLrwS2YCpScCWUgawebc2cVuYIJg3PNzx-5ffHPJdRLJFCVJjM9c538W3uzZe4EIWv7RNaRVCLqD8cLeP6NY2Sx5CuqXrKNy6LmUcR8yrkmrvCqFw86SRCI49TdYx3Ua7WoAHihO82X_vSiP6eLIdcQ2YcGwrt7KVUovg4-inQMe2PKgFhXyikgfVNZKrqJ4BDZpYfvvRkm1ssMsQalorNR4tCfKg3oP-yl9Uj8nszQNZNqAU05LaKDiyFKTgineH3tVb_27d1wdjoZI6-oGHaWnDLxpv8HUs27V3tbCfY7w-1_1tGktqQNVwgoK2PwvLaok_GDZP1ARz8PztxFhMx_JE7yGNT3lsY5DciF5LBLiRtCJxeKHDAtVdIQ7NR_ZrJUVDmlXGJys0GpPpDGYqRvCVm7lAK4H-3_61uBDdaJ89GXSt9A1sZG6Xr4JBKygEMH3LDGIxEgRYMNf4-JMs1tsF66Qv-FhwA0LKHoZmBj10F4LoxDcujo56jJosXWSa8HV5F0TibFNz0jJr7inUJUJmv4a1EZ-ckKFdgqOE7EKNojC654bbRb6Sr54aKjoJoJNy2VgmY6_oziMad1seGqAFd0CmtiKj8IptKs8myjRb4LAkWrqXloicXfqSx4vZf6pGJB1mDjgHdJKAzQzGr8GlbLdOAW_DwRLLyerdieQD2cSqN_tsucOViF38dDGWJRQtXcWLqX8KUdUUspTQt82ck3Z85c0MCakTWJhO_SeZ-jSm5rmET3owzTAklAKcbXI3b4NjtZmPh_ER8CjvNqIGocPIa6lK-AsSAZS141-83Sqe6uvuECk7_NEhKOCVI4poYbjorDn65dLVwHKwUKcD80PfLX6kspkzB-OkEJvyp6B0Y6K7UYotRy7iLbaz3PRdppaEzDY5PiBA3B4tj0fQGJbyLCLCPUcF4jaL-fbneXUsZmqH4otxAOUFzvhtCdZ5cg3dYP7vHz3wgs_S8ZN03F8bXxnyZ_R5R3Spbg2ejssSpDSl_3ej37et1DLFNbpQA1xe3Uds0Y676tzLEYYFEAXPUE3I18woXVAk-sO9Q_ZzDgliB4SDFWtm3s05pQ9Ppk21R34S1ErOwEduJrDhw3hKSMMkSMTGP2wbtNotik_cQh-gk5wjE4Fs_IGULlNxYnF_8R2fCAFGWK72GUO4woSR_X0muWq0nkluOQN5lMsmS3YMarp6R-yuhEl31cJNeTzIOtSC_zy_E_kQtLfCW8XDIuAEN9J0NytE3Aem0sNIl_c7C-tnTfruXjijvz1mYxZL1-GtgAjLzvmnYA7qPXrYqBZ_7ZM3UnZ69xJOyoEGR1kXJIxQkkaiYFyQn4EoLl5GmfWOb5pjrssqreNq2TLFQWNQF1eqrZjqXZtgZBrfNQTDG1KIJz0ywx0sfRxuO8hUfcPxjWhsH1HmVw70h72niAJkS-Xxp_xroiHndrVgzA6eLCdIUtEm40Pdo4vpN1-n2UlG4gICAWNA-wHDlCKilDDKeGdvUzBhq6rdHfNnnFU1xvgEM5hWia3HzjVlakeQNHoaZasShFjp-6Mo-ARtaIwD5nlkckS7LHavzqCdcSWG3Kyg11lY98KMz_fX8bfij-95wW72MylCAQngFaZpvwtFFhkaeDpsrgNi3aZzJOcFH2I0ngdqRUQfcfhi6YZ0XPl1N9BQA0mJHAiVo05NrNF9wA-fFzb9uVj9OnUAVJHKBSm6s36tjzrF5wQgMnrd2q33Ro4UXCpxRJoUSyxx-HSxa7WAxZOBkT0mnTE1LKMAeKFKMz-unbQouzYdB_sXmWXGCG8KfPKZf4NtnIw3zlXiT5VAqDPBkx9Ybqg3-1Z366HiTknb-5vapkDhb6djnzuCXbfgomT9w0wcS7a5_R2sLX11Gqc3C-6OszjpP1wJz628gIq-kBnoIdTJ3Xg7klwIUI4kjXXpNbVTOO-qk9pdymvI4bX8fY5C4mgPn8XtncIvX8ZauIUb5j17RmQqOd-_ebaIheu317d5gebCJxy6uTfPakz_JseP6NQVWpeR_-fyXr49CP2qeVkLm1H__RIzDMt7iuQUPcHM3R4jBrYCVKGDRglxVDiF-2Fa5jQi4ymWvKzFqmi69DfKJY-tt0MTFy0bp56E1ntSBqjo3qK9HbXWK1XaoiKNoqO_hq2bHWMhVtP_DA84OM6nj2s8p6maclNNSB_uenUDmgsI5QXQVyNGLkp0Haa-fuT7H_agyez9zgLwMHd3I_Up3iAiftruj8slc0d-ED5DZ8rM0dr69PB_o2yEkDPkBLCFNzJOfFArLiA8kNdWzZmYOUUXYdTjZ9YtRCmWGRXTq5_tQd3MAw&cid=CAASJeRok9W7gDyVWys_eY6_KTIKoM0IALz19ebbWFqqSPRJS2bRwVM&rfl=1%2Chttps%253A%252F%252Fwww.geelongadvertiser.com.au%252F%240
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e954e99d65d154ca3059d0fbb369689e1897f468ce1c1ad09af09df6ab77ad34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B873 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cf6i1OqciDtzeHAe98UnM5WTF8YEdiA52xwtN-wf9E2_5eI3Sr9YbFTxnauQp9ihMJefxfSqBIzaWqAgLjs2u1nVpeA2zzZcxBURLayXkqIMS5Qg0
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B873 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:51:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 16:51:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame B873 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 16:51:12 GMT
l
www.google.com/ads/measurement/ Frame B873 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhTpjSZxzJsA9yWisEOX-sc2fpKrlueSd2E59OsVWz6Pk6-XxRj9VydfUc0drT1Z4KJETab9W67pA7k1FR9RM_Z8Ng8w
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B873 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:06:42 GMT
jload
pixel.adsafeprotected.com/ Frame A37B 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404672819&pubOrder=3065307254&cb=1941731089&custom=homepage&custom3=168400271&adsafe_par&impId=16773c02-3b62-11ed-944d-02aa41dfc264
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.47.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-59.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
5035025cc7ae3d7c302310072d53271a1ebdf33669b83081b8a6658f2eb6cb2f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 222B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuO3d0i0m1hxOE1FE14jgy27pnoZHto-MIuYkTH-OCP13ZjRAog1pCgrPVJjoZvxiSnpXQzs2GJfe59rq1p3iPlTrICf9KJoOa_I6QHn83xPQkHJlTpS_08eyTnXJvnYTnZWm7TDqEq54cRwN4X0eKp0arvg1SH7VGpHnd_1B-92wX6mT5K1a-miMmIc3dRUVnkVNUKhHn-scf65JWCPE23i8aFRAkeIacA_Xl0gCaYLJ3EfVv_gJvd5uK3aVWdLKplpWdrWYzwwTXjDKYKMSEV7lbun6KIC__BdgSd6K4lT92OqN8s0gH5Dcc8dTopYEipJangI6cV_KcFNPE&sai=AMfl-YThGSL8yWc2W4kJ5udsMLdGyrgTqnKvq1MoNihiud5gZ3BFSzACGgxdjzMjhj-pXRAgL48K5-nEc3WYDgsob-MUfYtfgVPZp0vMFNb47r870yKyCVq3h4gzBkVJRy0&sig=Cg0ArKJSzCABgh34_rtoEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 23 Sep 2022 17:06:42 GMT
B28556856.345858787;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2682109654;ord=yuwxm9;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstLpnRqL_UqS3f5bFSC1Se89lIv...
ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/ Frame F753 		61 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28556856.345858787;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2682109654;ord=yuwxm9;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstLpnRqL_UqS3f5bFSC1Se89lIvHQjvYmxgvc2ETpFxdsa2gYGYLXarG54sAthf8C3xrQBfDwUvG5ijRx5wKLV8t209DEqsq1CFoIyem86kdTZElNme0iNNE5OJnK9Sz3gg4W2okQmVPhF594Usr6-BcSl4dLDn1pxuhziVvBolJrXC-Me-m8CjhecHk9GC3xk4adqqbZATdKvRMWezg9Qhw__2-UyRo_p3mzBS18Z06RRmsc783wVn2r6iuKy1qTbSDyP5TTAA7Nvhi-QsKogIx-ykT_9VRGlZomF3UBq04ugc1fhOWLjUQdvFS4d8q6TiP2vFzg79%26sai%3DAMfl-YSnl4SOdA2TvEbxWvNU-hLq7KPi_W2d0YM7VLFiIgqc9txpGjzn4SI0tu8qjNyjTDPvXCaWMeLdSjZEfsZQO_LQO7xNv3peuy-oL_7e4qChJ-lv_xHzNb6pwZAODGE%26sig%3DCg0ArKJSzIGNXNqriDrWEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.geelongadvertiser.com.au%2F$0;xdt=0;crlt=kHlV1lVJm(;stc=1;chaa=1;sttr=505;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
cafe /
Resource Hash
881060a5339221b943c81d0087dc08103dc4695c70906bb3346c1336172f7641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27944
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.352.js
static.adsafeprotected.com/ Frame 95EA 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404672816&pubOrder=3065307254&cb=1567628727&custom=homepage&custom3=168400271&adsafe_par&impId=16773bff-3b62-11ed-944d-02aa41dfc264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
605706
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
content-type
application/javascript
x-amz-cf-id
EV3-xf3qYMYOMPZuSnp963MakeaBGJK5oPlNEGxyXLuctXzci1_Qhg==
main.19.8.352.js
static.adsafeprotected.com/ Frame A37B 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404672819&pubOrder=3065307254&cb=1941731089&custom=homepage&custom3=168400271&adsafe_par&impId=16773c02-3b62-11ed-944d-02aa41dfc264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
605706
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
content-type
application/javascript
x-amz-cf-id
T9638WSonsmA5uwO1TnIpRlAYWdv7ph-_QdJquyPGvY0zvzVzgiNPA==
rum
dsum-sec.casalemedia.com/ Frame DC46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQo-roAhi_mc3TATAB&v=APEucNUpaibyvlzvplOR3f2yqQtFjftXr1qEGsW3Yg4OzayQ5ibej4zm1ZRXQT7uRLTabwJhqsCT1fuCGKqUTHbp7dzZ4ifMiQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df5caf493779-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVR0PAtMfQbje8YJE%2Bd9b3M1ndMEM92Py%2BXNTSmxYGima6%2BfrM%2BOdnEPecTqMIHUTlY%2BoKIbaWe02P6ZEQfMEqegwpZvrZEEdzZze1XXfqQoekYAytx8Bmf7LXMoI7NroeAv65udNJP5Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DC46
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy3nnpaHoO2gg-757ik6gQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQo-roAhi_mc3TATAB&v=APEucNUpaibyvlzvplOR3f2yqQtFjftXr1qEGsW3Yg4OzayQ5ibej4zm1ZRXQT7uRLTabwJhqsCT1fuCGKqUTHbp7dzZ4ifMiQ
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f4df5ee86b3779-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn04zE%2F73HnOHGt4ZIMVuB5vDFARtI7Nl7rwHEoSGoH8uz1GobZU6L2PQDf7EsoWis4p9eo6IwbmXEUgFJbyYrFS834kpZmCp13DZzXkgf1Xoa1PWn5qmzTR415bPiBZDBB6j6S3Fnq2KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKuoe8K4PHjKaZYASaea4KM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DC46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA_Epf6MQImB3q6WNDBM9l0&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEA_Epf6MQImB3q6WNDBM9l0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQo-roAhi_mc3TATAB&v=APEucNUpaibyvlzvplOR3f2yqQtFjftXr1qEGsW3Yg4OzayQ5ibej4zm1ZRXQT7uRLTabwJhqsCT1fuCGKqUTHbp7dzZ4ifMiQ
Protocol
HTTP/1.1
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:43 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8563ca45-a772-479e-a899-cb53d43286ef
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEA_Epf6MQImB3q6WNDBM9l0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC46
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxMzI3ODY5Mzc0MDE0NTcyNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxMzI3ODY5Mzc0MDE0NTcyNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQo-roAhi_mc3TATAB&v=APEucNUpaibyvlzvplOR3f2yqQtFjftXr1qEGsW3Yg4OzayQ5ibej4zm1ZRXQT7uRLTabwJhqsCT1fuCGKqUTHbp7dzZ4ifMiQ
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 17:06:43 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
089a07c7-6501-4403-8d66-8ead00d5b0d9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxMzI3ODY5Mzc0MDE0NTcyNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1179759/65813174/ Frame B873 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1179759/65813174/skeleton.js?ias_dspID=3&ias_campId=1009193284&ias_pubId=pub-9172700587175332&ias_chanId=1&ias_placementId=18349508807&bidurl=https://www.geelongadvertiser.com.au/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jjC-6O3hAXaiymdqPxxCfH
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.47.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-59.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ccde03951d7d2c1a09c1cfddf44fea924fbac79faa2e4bddd01a43ac7a05ed4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B873 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
Origin
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 11:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 11:05:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame B873 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpU1i7-o4uhKaVVnysHkRkNuNXwX6YdDai3o-suiukyXIIdmObcr9LtV61uRItGFvq6piQrBb_xLCToRFkL0v6sXwFk52lBG4GuZLn3wM9ZBAbDsAva493gY7zoQ84NJI2JGOOaO-BExzZzRYaWAWDnwaUAnicXIsqpls2FWFe-h97eUo&dbm_d=AKAmf-BYbQfZaE8kDMYpLXOlTEQ2HtkCZoyi_No5zwMF3U28Z0TpvnyCjZmgo2OeDWCQGVXKU2Rwwf4h9DrDKeJD9IPtiEIu-XkbD9prgR_JUGV8TQw7EsMO63A_Bvpm8NkFsNat23u0dU-EkYrYY1Lpc3_4eWolskGOj1H9ha-6yoEocFPNFgiXLcwxJPs7L0WF4WR1f2DYFCZo8IzIfVRcdB36wS_7vF-yXyCA5o_8VpaOgro5T_y76DnUAKFdgM8BIBEzp5ZaRqUEegV6Drz2VlJD9iAXSTxiQD94qOrXYazg909HrInrtLQ0bhGPcXVUG7G9ZenEHQ1mD4Oo1MNNezK39bCgYz-VBUyzBovnp6sSTL7ocQLguioTjlvQn2QKsDGo-4ly9QBjCNsFxQyxot30W6zRd3mQWYA5Yg0uke4JgNwttWnbutYMI67Kyw83anXnRAj6MVGIZIIs62HvqJcAswSrpUgYiUaP3Xlsx9FRxJxpKmL_OY35C2qEecLPHcAc5-j1Lv3UTx1BJ7qDGeh5OoiQUiDrUgYawzavP5wqxg3P4GANbyfPzHYYf8Q7gZrUvFlAOANUftbvQyklK9mQZ1a8ivdALCLRZGVhAUUmjzSiq7YkZKeaIMGuxOehaZVABZraWVraBcUhXwJyrl3cuI-WvjM9suPMrRZmDIVcC486ixY5i4mdTpZ1W2m2gxQX0O5hs_KnZJv3klHE3q9j3GnUj2XWUcipaEFObXSSru3RapTeMgrvdVHQFV7HseZUdommvif07eEPwaOAdDezR9jleaUDKlLbkwHeqsKPvlKfMam_7xY-S7UItliqvTIG2hSivCXA1mzzT-aJ9plOkmnD23OcaO0AvGzVPrKYdoeeo-rps_xCLan8I1rPD7_DF9FXFaUGfXVxCzA6h1XXV3KYIxTm9dqEDrkrP4TIiq_AmzaPLNg3DUltNqsq0WV9KVKq1NGR6Io4HxVJVO-3hHQpJucxT1gF6uMqSZKyri_gXW98oZIOD8xCGz3jxuV_TAfZsSeUStBhgT2KFMpzxMYO7WDaiqghN1d2XuktLi5gY-LPYNKkwFGVLrwS2YCpScCWUgawebc2cVuYIJg3PNzx-5ffHPJdRLJFCVJjM9c538W3uzZe4EIWv7RNaRVCLqD8cLeP6NY2Sx5CuqXrKNy6LmUcR8yrkmrvCqFw86SRCI49TdYx3Ua7WoAHihO82X_vSiP6eLIdcQ2YcGwrt7KVUovg4-inQMe2PKgFhXyikgfVNZKrqJ4BDZpYfvvRkm1ssMsQalorNR4tCfKg3oP-yl9Uj8nszQNZNqAU05LaKDiyFKTgineH3tVb_27d1wdjoZI6-oGHaWnDLxpv8HUs27V3tbCfY7w-1_1tGktqQNVwgoK2PwvLaok_GDZP1ARz8PztxFhMx_JE7yGNT3lsY5DciF5LBLiRtCJxeKHDAtVdIQ7NR_ZrJUVDmlXGJys0GpPpDGYqRvCVm7lAK4H-3_61uBDdaJ89GXSt9A1sZG6Xr4JBKygEMH3LDGIxEgRYMNf4-JMs1tsF66Qv-FhwA0LKHoZmBj10F4LoxDcujo56jJosXWSa8HV5F0TibFNz0jJr7inUJUJmv4a1EZ-ckKFdgqOE7EKNojC654bbRb6Sr54aKjoJoJNy2VgmY6_oziMad1seGqAFd0CmtiKj8IptKs8myjRb4LAkWrqXloicXfqSx4vZf6pGJB1mDjgHdJKAzQzGr8GlbLdOAW_DwRLLyerdieQD2cSqN_tsucOViF38dDGWJRQtXcWLqX8KUdUUspTQt82ck3Z85c0MCakTWJhO_SeZ-jSm5rmET3owzTAklAKcbXI3b4NjtZmPh_ER8CjvNqIGocPIa6lK-AsSAZS141-83Sqe6uvuECk7_NEhKOCVI4poYbjorDn65dLVwHKwUKcD80PfLX6kspkzB-OkEJvyp6B0Y6K7UYotRy7iLbaz3PRdppaEzDY5PiBA3B4tj0fQGJbyLCLCPUcF4jaL-fbneXUsZmqH4otxAOUFzvhtCdZ5cg3dYP7vHz3wgs_S8ZN03F8bXxnyZ_R5R3Spbg2ejssSpDSl_3ej37et1DLFNbpQA1xe3Uds0Y676tzLEYYFEAXPUE3I18woXVAk-sO9Q_ZzDgliB4SDFWtm3s05pQ9Ppk21R34S1ErOwEduJrDhw3hKSMMkSMTGP2wbtNotik_cQh-gk5wjE4Fs_IGULlNxYnF_8R2fCAFGWK72GUO4woSR_X0muWq0nkluOQN5lMsmS3YMarp6R-yuhEl31cJNeTzIOtSC_zy_E_kQtLfCW8XDIuAEN9J0NytE3Aem0sNIl_c7C-tnTfruXjijvz1mYxZL1-GtgAjLzvmnYA7qPXrYqBZ_7ZM3UnZ69xJOyoEGR1kXJIxQkkaiYFyQn4EoLl5GmfWOb5pjrssqreNq2TLFQWNQF1eqrZjqXZtgZBrfNQTDG1KIJz0ywx0sfRxuO8hUfcPxjWhsH1HmVw70h72niAJkS-Xxp_xroiHndrVgzA6eLCdIUtEm40Pdo4vpN1-n2UlG4gICAWNA-wHDlCKilDDKeGdvUzBhq6rdHfNnnFU1xvgEM5hWia3HzjVlakeQNHoaZasShFjp-6Mo-ARtaIwD5nlkckS7LHavzqCdcSWG3Kyg11lY98KMz_fX8bfij-95wW72MylCAQngFaZpvwtFFhkaeDpsrgNi3aZzJOcFH2I0ngdqRUQfcfhi6YZ0XPl1N9BQA0mJHAiVo05NrNF9wA-fFzb9uVj9OnUAVJHKBSm6s36tjzrF5wQgMnrd2q33Ro4UXCpxRJoUSyxx-HSxa7WAxZOBkT0mnTE1LKMAeKFKMz-unbQouzYdB_sXmWXGCG8KfPKZf4NtnIw3zlXiT5VAqDPBkx9Ybqg3-1Z366HiTknb-5vapkDhb6djnzuCXbfgomT9w0wcS7a5_R2sLX11Gqc3C-6OszjpP1wJz628gIq-kBnoIdTJ3Xg7klwIUI4kjXXpNbVTOO-qk9pdymvI4bX8fY5C4mgPn8XtncIvX8ZauIUb5j17RmQqOd-_ebaIheu317d5gebCJxy6uTfPakz_JseP6NQVWpeR_-fyXr49CP2qeVkLm1H__RIzDMt7iuQUPcHM3R4jBrYCVKGDRglxVDiF-2Fa5jQi4ymWvKzFqmi69DfKJY-tt0MTFy0bp56E1ntSBqjo3qK9HbXWK1XaoiKNoqO_hq2bHWMhVtP_DA84OM6nj2s8p6maclNNSB_uenUDmgsI5QXQVyNGLkp0Haa-fuT7H_agyez9zgLwMHd3I_Up3iAiftruj8slc0d-ED5DZ8rM0dr69PB_o2yEkDPkBLCFNzJOfFArLiA8kNdWzZmYOUUXYdTjZ9YtRCmWGRXTq5_tQd3MAw&cid=CAASJeRok9W7gDyVWys_eY6_KTIKoM0IALz19ebbWFqqSPRJS2bRwVM&rfl=1%2Chttps%253A%252F%252Fwww.geelongadvertiser.com.au%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:48:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 16:48:50 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame B873 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpU1i7-o4uhKaVVnysHkRkNuNXwX6YdDai3o-suiukyXIIdmObcr9LtV61uRItGFvq6piQrBb_xLCToRFkL0v6sXwFk52lBG4GuZLn3wM9ZBAbDsAva493gY7zoQ84NJI2JGOOaO-BExzZzRYaWAWDnwaUAnicXIsqpls2FWFe-h97eUo&dbm_d=AKAmf-BYbQfZaE8kDMYpLXOlTEQ2HtkCZoyi_No5zwMF3U28Z0TpvnyCjZmgo2OeDWCQGVXKU2Rwwf4h9DrDKeJD9IPtiEIu-XkbD9prgR_JUGV8TQw7EsMO63A_Bvpm8NkFsNat23u0dU-EkYrYY1Lpc3_4eWolskGOj1H9ha-6yoEocFPNFgiXLcwxJPs7L0WF4WR1f2DYFCZo8IzIfVRcdB36wS_7vF-yXyCA5o_8VpaOgro5T_y76DnUAKFdgM8BIBEzp5ZaRqUEegV6Drz2VlJD9iAXSTxiQD94qOrXYazg909HrInrtLQ0bhGPcXVUG7G9ZenEHQ1mD4Oo1MNNezK39bCgYz-VBUyzBovnp6sSTL7ocQLguioTjlvQn2QKsDGo-4ly9QBjCNsFxQyxot30W6zRd3mQWYA5Yg0uke4JgNwttWnbutYMI67Kyw83anXnRAj6MVGIZIIs62HvqJcAswSrpUgYiUaP3Xlsx9FRxJxpKmL_OY35C2qEecLPHcAc5-j1Lv3UTx1BJ7qDGeh5OoiQUiDrUgYawzavP5wqxg3P4GANbyfPzHYYf8Q7gZrUvFlAOANUftbvQyklK9mQZ1a8ivdALCLRZGVhAUUmjzSiq7YkZKeaIMGuxOehaZVABZraWVraBcUhXwJyrl3cuI-WvjM9suPMrRZmDIVcC486ixY5i4mdTpZ1W2m2gxQX0O5hs_KnZJv3klHE3q9j3GnUj2XWUcipaEFObXSSru3RapTeMgrvdVHQFV7HseZUdommvif07eEPwaOAdDezR9jleaUDKlLbkwHeqsKPvlKfMam_7xY-S7UItliqvTIG2hSivCXA1mzzT-aJ9plOkmnD23OcaO0AvGzVPrKYdoeeo-rps_xCLan8I1rPD7_DF9FXFaUGfXVxCzA6h1XXV3KYIxTm9dqEDrkrP4TIiq_AmzaPLNg3DUltNqsq0WV9KVKq1NGR6Io4HxVJVO-3hHQpJucxT1gF6uMqSZKyri_gXW98oZIOD8xCGz3jxuV_TAfZsSeUStBhgT2KFMpzxMYO7WDaiqghN1d2XuktLi5gY-LPYNKkwFGVLrwS2YCpScCWUgawebc2cVuYIJg3PNzx-5ffHPJdRLJFCVJjM9c538W3uzZe4EIWv7RNaRVCLqD8cLeP6NY2Sx5CuqXrKNy6LmUcR8yrkmrvCqFw86SRCI49TdYx3Ua7WoAHihO82X_vSiP6eLIdcQ2YcGwrt7KVUovg4-inQMe2PKgFhXyikgfVNZKrqJ4BDZpYfvvRkm1ssMsQalorNR4tCfKg3oP-yl9Uj8nszQNZNqAU05LaKDiyFKTgineH3tVb_27d1wdjoZI6-oGHaWnDLxpv8HUs27V3tbCfY7w-1_1tGktqQNVwgoK2PwvLaok_GDZP1ARz8PztxFhMx_JE7yGNT3lsY5DciF5LBLiRtCJxeKHDAtVdIQ7NR_ZrJUVDmlXGJys0GpPpDGYqRvCVm7lAK4H-3_61uBDdaJ89GXSt9A1sZG6Xr4JBKygEMH3LDGIxEgRYMNf4-JMs1tsF66Qv-FhwA0LKHoZmBj10F4LoxDcujo56jJosXWSa8HV5F0TibFNz0jJr7inUJUJmv4a1EZ-ckKFdgqOE7EKNojC654bbRb6Sr54aKjoJoJNy2VgmY6_oziMad1seGqAFd0CmtiKj8IptKs8myjRb4LAkWrqXloicXfqSx4vZf6pGJB1mDjgHdJKAzQzGr8GlbLdOAW_DwRLLyerdieQD2cSqN_tsucOViF38dDGWJRQtXcWLqX8KUdUUspTQt82ck3Z85c0MCakTWJhO_SeZ-jSm5rmET3owzTAklAKcbXI3b4NjtZmPh_ER8CjvNqIGocPIa6lK-AsSAZS141-83Sqe6uvuECk7_NEhKOCVI4poYbjorDn65dLVwHKwUKcD80PfLX6kspkzB-OkEJvyp6B0Y6K7UYotRy7iLbaz3PRdppaEzDY5PiBA3B4tj0fQGJbyLCLCPUcF4jaL-fbneXUsZmqH4otxAOUFzvhtCdZ5cg3dYP7vHz3wgs_S8ZN03F8bXxnyZ_R5R3Spbg2ejssSpDSl_3ej37et1DLFNbpQA1xe3Uds0Y676tzLEYYFEAXPUE3I18woXVAk-sO9Q_ZzDgliB4SDFWtm3s05pQ9Ppk21R34S1ErOwEduJrDhw3hKSMMkSMTGP2wbtNotik_cQh-gk5wjE4Fs_IGULlNxYnF_8R2fCAFGWK72GUO4woSR_X0muWq0nkluOQN5lMsmS3YMarp6R-yuhEl31cJNeTzIOtSC_zy_E_kQtLfCW8XDIuAEN9J0NytE3Aem0sNIl_c7C-tnTfruXjijvz1mYxZL1-GtgAjLzvmnYA7qPXrYqBZ_7ZM3UnZ69xJOyoEGR1kXJIxQkkaiYFyQn4EoLl5GmfWOb5pjrssqreNq2TLFQWNQF1eqrZjqXZtgZBrfNQTDG1KIJz0ywx0sfRxuO8hUfcPxjWhsH1HmVw70h72niAJkS-Xxp_xroiHndrVgzA6eLCdIUtEm40Pdo4vpN1-n2UlG4gICAWNA-wHDlCKilDDKeGdvUzBhq6rdHfNnnFU1xvgEM5hWia3HzjVlakeQNHoaZasShFjp-6Mo-ARtaIwD5nlkckS7LHavzqCdcSWG3Kyg11lY98KMz_fX8bfij-95wW72MylCAQngFaZpvwtFFhkaeDpsrgNi3aZzJOcFH2I0ngdqRUQfcfhi6YZ0XPl1N9BQA0mJHAiVo05NrNF9wA-fFzb9uVj9OnUAVJHKBSm6s36tjzrF5wQgMnrd2q33Ro4UXCpxRJoUSyxx-HSxa7WAxZOBkT0mnTE1LKMAeKFKMz-unbQouzYdB_sXmWXGCG8KfPKZf4NtnIw3zlXiT5VAqDPBkx9Ybqg3-1Z366HiTknb-5vapkDhb6djnzuCXbfgomT9w0wcS7a5_R2sLX11Gqc3C-6OszjpP1wJz628gIq-kBnoIdTJ3Xg7klwIUI4kjXXpNbVTOO-qk9pdymvI4bX8fY5C4mgPn8XtncIvX8ZauIUb5j17RmQqOd-_ebaIheu317d5gebCJxy6uTfPakz_JseP6NQVWpeR_-fyXr49CP2qeVkLm1H__RIzDMt7iuQUPcHM3R4jBrYCVKGDRglxVDiF-2Fa5jQi4ymWvKzFqmi69DfKJY-tt0MTFy0bp56E1ntSBqjo3qK9HbXWK1XaoiKNoqO_hq2bHWMhVtP_DA84OM6nj2s8p6maclNNSB_uenUDmgsI5QXQVyNGLkp0Haa-fuT7H_agyez9zgLwMHd3I_Up3iAiftruj8slc0d-ED5DZ8rM0dr69PB_o2yEkDPkBLCFNzJOfFArLiA8kNdWzZmYOUUXYdTjZ9YtRCmWGRXTq5_tQd3MAw&cid=CAASJeRok9W7gDyVWys_eY6_KTIKoM0IALz19ebbWFqqSPRJS2bRwVM&rfl=1%2Chttps%253A%252F%252Fwww.geelongadvertiser.com.au%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1840
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 16:36:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame F753 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28556856.345858787;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2682109654;ord=yuwxm9;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstLpnRqL_UqS3f5bFSC1Se89lIvHQjvYmxgvc2ETpFxdsa2gYGYLXarG54sAthf8C3xrQBfDwUvG5ijRx5wKLV8t209DEqsq1CFoIyem86kdTZElNme0iNNE5OJnK9Sz3gg4W2okQmVPhF594Usr6-BcSl4dLDn1pxuhziVvBolJrXC-Me-m8CjhecHk9GC3xk4adqqbZATdKvRMWezg9Qhw__2-UyRo_p3mzBS18Z06RRmsc783wVn2r6iuKy1qTbSDyP5TTAA7Nvhi-QsKogIx-ykT_9VRGlZomF3UBq04ugc1fhOWLjUQdvFS4d8q6TiP2vFzg79%26sai%3DAMfl-YSnl4SOdA2TvEbxWvNU-hLq7KPi_W2d0YM7VLFiIgqc9txpGjzn4SI0tu8qjNyjTDPvXCaWMeLdSjZEfsZQO_LQO7xNv3peuy-oL_7e4qChJ-lv_xHzNb6pwZAODGE%26sig%3DCg0ArKJSzIGNXNqriDrWEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.geelongadvertiser.com.au%2F$0;xdt=0;crlt=kHlV1lVJm(;stc=1;chaa=1;sttr=505;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 16:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1841
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 16:36:02 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F753 		0
566 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJ8ZW2gfKRuzQByYzsuWkfTy5NfXBoosFqMeLb9y6w5sGuMQfR3S8cPBa47heiIfZZGdmt74D1TsliYKmO13ddulXc6W8RsNTTJmO0faARt47HNyThooyAQXsFqTq4oompjYv7Ijx7pMZQ5fxC2I13cz_UHgYUSde85XrEcbSb9bVuQZNK&sig=Cg0ArKJSzE0QbBlg7V3iEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220921.45204&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28556856.345858787;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2682109654;ord=yuwxm9;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstLpnRqL_UqS3f5bFSC1Se89lIvHQjvYmxgvc2ETpFxdsa2gYGYLXarG54sAthf8C3xrQBfDwUvG5ijRx5wKLV8t209DEqsq1CFoIyem86kdTZElNme0iNNE5OJnK9Sz3gg4W2okQmVPhF594Usr6-BcSl4dLDn1pxuhziVvBolJrXC-Me-m8CjhecHk9GC3xk4adqqbZATdKvRMWezg9Qhw__2-UyRo_p3mzBS18Z06RRmsc783wVn2r6iuKy1qTbSDyP5TTAA7Nvhi-QsKogIx-ykT_9VRGlZomF3UBq04ugc1fhOWLjUQdvFS4d8q6TiP2vFzg79%26sai%3DAMfl-YSnl4SOdA2TvEbxWvNU-hLq7KPi_W2d0YM7VLFiIgqc9txpGjzn4SI0tu8qjNyjTDPvXCaWMeLdSjZEfsZQO_LQO7xNv3peuy-oL_7e4qChJ-lv_xHzNb6pwZAODGE%26sig%3DCg0ArKJSzIGNXNqriDrWEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.geelongadvertiser.com.au%2F$0;xdt=0;crlt=kHlV1lVJm(;stc=1;chaa=1;sttr=505;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sz6jfbnf7.js
cdn.krxd.net/controltag/ Frame F753 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sz6jfbnf7.js?
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28556856.345858787;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2682109654;ord=yuwxm9;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstLpnRqL_UqS3f5bFSC1Se89lIvHQjvYmxgvc2ETpFxdsa2gYGYLXarG54sAthf8C3xrQBfDwUvG5ijRx5wKLV8t209DEqsq1CFoIyem86kdTZElNme0iNNE5OJnK9Sz3gg4W2okQmVPhF594Usr6-BcSl4dLDn1pxuhziVvBolJrXC-Me-m8CjhecHk9GC3xk4adqqbZATdKvRMWezg9Qhw__2-UyRo_p3mzBS18Z06RRmsc783wVn2r6iuKy1qTbSDyP5TTAA7Nvhi-QsKogIx-ykT_9VRGlZomF3UBq04ugc1fhOWLjUQdvFS4d8q6TiP2vFzg79%26sai%3DAMfl-YSnl4SOdA2TvEbxWvNU-hLq7KPi_W2d0YM7VLFiIgqc9txpGjzn4SI0tu8qjNyjTDPvXCaWMeLdSjZEfsZQO_LQO7xNv3peuy-oL_7e4qChJ-lv_xHzNb6pwZAODGE%26sig%3DCg0ArKJSzIGNXNqriDrWEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.geelongadvertiser.com.au%2F$0;xdt=0;crlt=kHlV1lVJm(;stc=1;chaa=1;sttr=505;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a664604e1419e2d44aca4ec63a70e26d9d77dbe885343ddc1bb486e2ed608bb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Fri, 23 Sep 2022 17:06:43 GMT
via
1.1 varnish, 1.1 varnish
age
109
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
5493
x-served-by
config-service-a006-ash-prod.krxd.net, cache-iad-kiad7000064-IAD, cache-mel11244-MEL
x-response-time
0
x-do-esi
esi
x-timer
S1663952803.405492,VS0,VE1
etag
"42fccaa015e6e1362362f34b805669045cc98afd"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 1
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F753 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28556856.345858787;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2682109654;ord=yuwxm9;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstLpnRqL_UqS3f5bFSC1Se89lIvHQjvYmxgvc2ETpFxdsa2gYGYLXarG54sAthf8C3xrQBfDwUvG5ijRx5wKLV8t209DEqsq1CFoIyem86kdTZElNme0iNNE5OJnK9Sz3gg4W2okQmVPhF594Usr6-BcSl4dLDn1pxuhziVvBolJrXC-Me-m8CjhecHk9GC3xk4adqqbZATdKvRMWezg9Qhw__2-UyRo_p3mzBS18Z06RRmsc783wVn2r6iuKy1qTbSDyP5TTAA7Nvhi-QsKogIx-ykT_9VRGlZomF3UBq04ugc1fhOWLjUQdvFS4d8q6TiP2vFzg79%26sai%3DAMfl-YSnl4SOdA2TvEbxWvNU-hLq7KPi_W2d0YM7VLFiIgqc9txpGjzn4SI0tu8qjNyjTDPvXCaWMeLdSjZEfsZQO_LQO7xNv3peuy-oL_7e4qChJ-lv_xHzNb6pwZAODGE%26sig%3DCg0ArKJSzIGNXNqriDrWEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.geelongadvertiser.com.au%2F$0;xdt=0;crlt=kHlV1lVJm(;stc=1;chaa=1;sttr=505;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 04:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 04:26:00 GMT
3795463932284264242
s0.2mdn.net/simgad/ Frame F753 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3795463932284264242
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
87eca8f8c44286e6e5620518c550cc3e66cfaf1fa0822ab969c50062c1923f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:05:36 GMT
x-content-type-options
nosniff
age
67
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39878
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 04:48:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 17:05:36 GMT
ad_impression.gif
beacon.krxd.net/ Frame F753 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=sz6jfbnf7&campaignid=28556856&advertiserid=8082718&placementid=345858787&adid=537690197&creativeid=178086839&siteid=4088137
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.246.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-246-46.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1663952803
x-served-by
beacon-n007-pdx-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ad_impression.gif
beacon.krxd.net/ Frame F753 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=sz6jkbf85&campaignid=28556856&advertiserid=8082718&placementid=345858787&adid=537690197&creativeid=178086839&siteid=4088137
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.246.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-246-46.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1663952803
x-served-by
beacon-n003-pdx-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F753 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:06:43 GMT
main.19.8.352.js
static.adsafeprotected.com/ Frame B873 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1179759/65813174/skeleton.js?ias_dspID=3&ias_campId=1009193284&ias_pubId=pub-9172700587175332&ias_chanId=1&ias_placementId=18349508807&bidurl=https://www.geelongadvertiser.com.au/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jjC-6O3hAXaiymdqPxxCfH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
605706
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
content-type
application/javascript
x-amz-cf-id
EdwYvWOjA-YX-lHo_FGznFN9L2ZAlI5G1dWGK4CYkIphntYADDd-yQ==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8554 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
133080
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 04:08:43 GMT
expires
Fri, 22 Sep 2023 04:08:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F753 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e25737f747f71bc7b5a29f23c0278aaadf5a2a70ce8c5dbafdcdccdca25e533

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 7568 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404823462&pubOrder=3065307254&cb=220396473&custom=homepage&custom3=168400271&adsafe_par&impId=16773c00-3b62-11ed-944d-02aa41dfc264
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.47.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-59.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7fc86d2ef8dd26058c4fd2e1f12314d46408a9cc0d5eab9c23ad736ad6fb4d5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame F753 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sz6jfbnf7.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Fri, 23 Sep 2022 17:06:43 GMT
content-encoding
gzip
age
27396112
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
75224
content-length
84509
x-served-by
cache-mel11244-MEL
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1663952804.515067,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
desktop_truskinwww.geelongadvertiser.com.au.js
massets.bonzai.co/c2/jd/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.geelongadvertiser.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667695426079974765_1663210826930_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7876e4f0365934a69b65c92837015d0961961dc1005630d32e858ec2060eb27

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 17:06:44 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 01:00:53 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
etag
"fc946b033b8b1030ce7547934eb5ca43"
x-cache
Miss from cloudfront
content-type
text/javascript
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
cache-control
max-age=0
accept-ranges
bytes
content-length
1016
x-amz-cf-id
uEC8A_Lv3ll2Xk9f7-yu1mXrH3K_C5-hFA6rVWw5bzKc6ZAxhdrEVA==
rec
collector.bonzai.co/ Frame 89E8 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=preimp&tk=e8bbcae8b2814452c9de402d82cb6dac&ad=2667695426079974765&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.94.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-94-181.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px.gif
dcollector.bonzai.co/ Frame 89E8 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTUyODAzNDgyLCJmaSI6ZmFsc2UsInRrIjoiZThiYmNhZThiMjgxNDQ1MmM5ZGU0MDJkODJjYjZkYWMiLCJhZCI6IjI2Njc2OTU0MjYwNzk5NzQ3NjUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY4ODkzMjM3NDY5NTg4MDg2IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiRGV0ZWN0ZWQgU0RLLCBXZWIifQ==&etc=0.1730736263110524
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 18:24:57 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
81707
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN2-P2
accept-ranges
bytes
content-length
35
x-amz-cf-id
OwY5PDhBsadYjIfO5USyEFM9PE6MfOyzTYfr21-mXPQEwfP9Q72qOQ==
rec
collector.bonzai.co/ Frame 89E8 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=imp&tk=e8bbcae8b2814452c9de402d82cb6dac&ad=2667695426079974765
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.94.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-94-181.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F753 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJ8ZW2gfKRuzQByYzsuWkfTy5NfXBoosFqMeLb9y6w5sGuMQfR3S8cPBa47heiIfZZGdmt74D1TsliYKmO13ddulXc6W8RsNTTJmO0faARt47HNyThooyAQXsFqTq4oompjYv7Ijx7pMZQ5fxC2I13cz_UHgYUSde85XrEcbSb9bVuQZNK&sig=Cg0ArKJSzE0QbBlg7V3iEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=324&vt=11&dtpt=323&dett=2&cstd=0&cisv=r20220921.45204&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N558804.2144923NEWSCORPAU/B28556856.345858787;dc_ver=91.268;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2682109654;ord=yuwxm9;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstLpnRqL_UqS3f5bFSC1Se89lIvHQjvYmxgvc2ETpFxdsa2gYGYLXarG54sAthf8C3xrQBfDwUvG5ijRx5wKLV8t209DEqsq1CFoIyem86kdTZElNme0iNNE5OJnK9Sz3gg4W2okQmVPhF594Usr6-BcSl4dLDn1pxuhziVvBolJrXC-Me-m8CjhecHk9GC3xk4adqqbZATdKvRMWezg9Qhw__2-UyRo_p3mzBS18Z06RRmsc783wVn2r6iuKy1qTbSDyP5TTAA7Nvhi-QsKogIx-ykT_9VRGlZomF3UBq04ugc1fhOWLjUQdvFS4d8q6TiP2vFzg79%26sai%3DAMfl-YSnl4SOdA2TvEbxWvNU-hLq7KPi_W2d0YM7VLFiIgqc9txpGjzn4SI0tu8qjNyjTDPvXCaWMeLdSjZEfsZQO_LQO7xNv3peuy-oL_7e4qChJ-lv_xHzNb6pwZAODGE%26sig%3DCg0ArKJSzIGNXNqriDrWEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.geelongadvertiser.com.au%2F$0;xdt=0;crlt=kHlV1lVJm(;stc=1;chaa=1;sttr=505;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame F753 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv0UVP4BD7KNVYj4fFW6sl9r_neMy8whs7tgvA1ddE7Ent9z0YGp_k618hmsPN6jeUSZtVQSjKnPrLGj6ZRf1YYL4s8WU4zBBrcFEplSVl5xrU6Ymhyfk6VT6-HSSRIQtU7JkV1H37AoCb3CXtJPT_8XsIQLZuZmlcFlXguSjAi1CbW2LaDSYevoFky5iIFKFBpzXaMmD68AC3_Mu80xVrbDVRCdfDM_lc0BRwBWLMiRT-hOVIuQKSJEs4GPm8g7rOOaGaJijj8cN2SP7Rjka-SRmD3sDFvN3gf5Vml8fptDtPn1RqVlzEmOugvqD4HSybZLaYTLRoXPTqnQY&sai=AMfl-YTfwpT70ye1i1Mf7tEnFsH1tTh4_6-aEMooLqWfAE35mUCaUG_r-MT6CJKW3QfYvAbvO1NAhZ5r3RURbDfqCTEo56i92P6SLG8n1WDvPLpMiabSuerJJw-E7igV_7Q&sig=Cg0ArKJSzJmETZlSjtnaEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 23 Sep 2022 17:06:43 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 8554 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:55:59 GMT
main.19.8.352.js
static.adsafeprotected.com/ Frame 7568 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404823462&pubOrder=3065307254&cb=220396473&custom=homepage&custom3=168400271&adsafe_par&impId=16773c00-3b62-11ed-944d-02aa41dfc264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
605706
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
content-type
application/javascript
x-amz-cf-id
IfLVGsuohWKtuIjjXTmAozBPVuUbeyPsh5szOrIQ3La2mSAdGfxmVA==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B873 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 04:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 04:26:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E7B1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
39891
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 06:01:52 GMT
etag
48472445140208031
expires
Sat, 24 Sep 2022 06:01:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B873 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ac3115412586231007ee56ebb1214b6ca1f25c83f01fe2919cae588f125dda

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
ad_impression.gif
beacon.krxd.net/ Frame F753 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=28556856&advertiserid=8082718&placementid=345858787&adid=537690197&creativeid=178086839&siteid=4088137&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=5bb1a854-5225-4e13-bbe6-aec479649e32&confid=sz6jfbnf7
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.246.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-246-46.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1663952803
x-served-by
beacon-n008-pdx-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
desktop_truskinwww.geelongadvertiser.com.au.js
massets.bonzai.co/c2/jd/ Frame 89E8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.geelongadvertiser.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2667695426079974765_1663210826930_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7876e4f0365934a69b65c92837015d0961961dc1005630d32e858ec2060eb27

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 17:06:44 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 01:00:53 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
etag
"fc946b033b8b1030ce7547934eb5ca43"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
cache-control
max-age=0
accept-ranges
bytes
content-length
1016
x-amz-cf-id
RH9FYHTS3Xth8hhErp5zH2g2_v5LLL9cIEHbiLOjDjVMB7nrBmpU5g==
5bb1a854-5225-4e13-bbe6-aec479649e32
consumer.krxd.net/consent/get/ Frame F753 		219 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5bb1a854-5225-4e13-bbe6-aec479649e32?idt=device&dt=kxcookie&callback=Krux.ns.myer.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
455e6164d16b21e09f02234143bb7f5957831d33c6ec9e2d4e41b167a4f79859

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:44 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a007-pdx-prod.krxd.net, cache-mel11257-MEL
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1663952804.979876,VS0,VE192
content-length
184
x-cache-hits
0, 0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E7B1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEmecvSnkzDFGgsZ3h8y9cU&google_cver=1&google_push=AZmPxg8bqrqJ6spkkb28FMZCUxv2c6sn7aE6xRtYWOVRNIfo_22FmosiCy0sj3Wuq_HyE1fq5git-OD-wr_lWHdoPh0GAdNexVH0E...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzgxMDg2ODk3ODY3MTc3MzcxNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEmecvSnkzDFGgsZ3h8y9cU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEmecvSnkzDFGgsZ3h8y9cU&google_cver=1
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEmecvSnkzDFGgsZ3h8y9cU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame E7B1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEE1QsJMhgH_CLxUeC6ECpPQ&google_cver=1&google_push=AZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlME9...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE1QsJMhgH_CLxUeC6ECpPQ&google_cver=1&google_push=AZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlM...
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE1QsJMhgH_CLxUeC6ECpPQ&google_cver=1&google_push=AZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlME9PV2Sk62uKHzdx1XA3iDqHY7yCj78v0A7kFJXPSNofsd&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlME9PV2Sk62uKHzdx1XA3iDqHY7yCj78v0A7kFJXPSNofsd%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.64.152.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
74f4df639b735a61-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
619
cf-ray
74f4df61ba0d5a61-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE1QsJMhgH_CLxUeC6ECpPQ&google_cver=1&google_push=AZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlME9PV2Sk62uKHzdx1XA3iDqHY7yCj78v0A7kFJXPSNofsd&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-lTABlovPNLX9R-pR3GNAatapDACfr3qYMhaQSrNEJ1-CraWDebtJ4J4eRw1_7xcdwr7Oup46pvYYn17ySYjZ9LfV-qlME9PV2Sk62uKHzdx1XA3iDqHY7yCj78v0A7kFJXPSNofsd%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E7B1
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEA6uJGO4KEBokBFmgX3Ga2s&google_cver=1&google_push=AZmPxg-XboZPkilu-0uuw9QfTayk5mWtS8invDGoEdtowvKCgmLyMmeeBtkY2HsQWDkjT3F88U19wIiTvrPfaNTHF4jWFUjBLB7e9L3g...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEIwNjI1ODU3NTA4OUFGRQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEIwNjI1ODU3NTA4OUFGRQ==
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEIwNjI1ODU3NTA4OUFGRQ==
date
Fri, 23 Sep 2022 17:06:44 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame E7B1
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESELTyrPaAkJz-qdBHAuHlgcg&google_cver=1&google_push=AZmPxg9S-bm-QNVho_4mESfZ3QGmev8sXZGDPKpYdpH-fjD_tGAS5cxpA1Ky4KCKPPjit6w_Gq01oE_dQryH5nXrKes9...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg9S-bm-QNVho_4mESfZ3QGmev8sXZGDPKpYdpH-fjD_tGAS5cxpA1Ky4KCKPPjit6w_Gq01oE_dQryH5nXrKes9_noBJ3OJIzvIQNUUhKRU9h-wd9B5pU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg9S-bm-QNVho_4mESfZ3QGmev8sXZGDPKpYdpH-fjD_tGAS5cxpA1Ky4KCKPPjit6w_Gq01oE_dQryH5nXrKes9_noBJ3OJIzvIQNUUhKRU9h-wd9B5pUee7MPHTw8gE930W3BUQ0wq
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AZmPxg9S-bm-QNVho_4mESfZ3QGmev8sXZGDPKpYdpH-fjD_tGAS5cxpA1Ky4KCKPPjit6w_Gq01oE_dQryH5nXrKes9_noBJ3OJIzvIQNUUhKRU9h-wd9B5pUee7MPHTw8gE930W3BUQ0wq
date
Fri, 23 Sep 2022 17:06:44 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame E7B1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAan0ZMslXtawj43_XAhsOc&google_cver=1&google_push=AZmPxg8lKrpEDQdJII7vnDMJPG5g6aRw1r6m47WcYOUMlAgNFSNPTcDuYWMaoRd4eVe0AX_AoQBuulU4Nch3V7kTeS79QFmKp8...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQxNTQyMDg4NDkxNzM3Mzc2NDk1Ng%3D%3D&google_push=AZmPxg8lKrpEDQdJII7vnDMJPG5g6aRw1r6m47WcYOUMlAgNFSNPTcDu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQxNTQyMDg4NDkxNzM3Mzc2NDk1Ng%3D%3D&google_push=AZmPxg8lKrpEDQdJII7vnDMJPG5g6aRw1r6m47WcYOUMlAgNFSNPTcDuYWMaoRd4eVe0AX_AoQBuulU4Nch3V7kTeS79QFmKp8ccl78yA1I32giqx4yPlrqBhxHRUGB2QFPJDP_OTxUZJk4
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjQxNTQyMDg4NDkxNzM3Mzc2NDk1Ng%3D%3D&google_push=AZmPxg8lKrpEDQdJII7vnDMJPG5g6aRw1r6m47WcYOUMlAgNFSNPTcDuYWMaoRd4eVe0AX_AoQBuulU4Nch3V7kTeS79QFmKp8ccl78yA1I32giqx4yPlrqBhxHRUGB2QFPJDP_OTxUZJk4
date
Fri, 23 Sep 2022 17:06:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame E7B1
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEDtPKRU2M82E0xCAhREyBeE&google_cver=1&google_push=AZmPxg8IYbEQ5YR-2gn6sXInuW1i5_meMTwB29zyGC9yQDcTe8t-PcCeZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg8IYbEQ5YR-2gn6sXInuW1i5_meMTwB29zyGC9yQDcTe8t-PcCeZCoxKZ-T4DRtmAmDADXwDt3Bel7ZVc1nNwAc1LZJXdTmQUXtdp5_5iiY1aUYunIg4t4fL_aG_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg8IYbEQ5YR-2gn6sXInuW1i5_meMTwB29zyGC9yQDcTe8t-PcCeZCoxKZ-T4DRtmAmDADXwDt3Bel7ZVc1nNwAc1LZJXdTmQUXtdp5_5iiY1aUYunIg4t4fL_aG_8zVjRI4LbbTEAlE2w&google_hm=QlMuZTMyNC01ZGZmLTQ1YWYtOTkwYg==
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg8IYbEQ5YR-2gn6sXInuW1i5_meMTwB29zyGC9yQDcTe8t-PcCeZCoxKZ-T4DRtmAmDADXwDt3Bel7ZVc1nNwAc1LZJXdTmQUXtdp5_5iiY1aUYunIg4t4fL_aG_8zVjRI4LbbTEAlE2w&google_hm=QlMuZTMyNC01ZGZmLTQ1YWYtOTkwYg==
Date
Fri, 23 Sep 2022 17:06:44 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame E7B1
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEMp0cOSylcc42JGygfOA73E&google_cver=1&google_push=AZmPxg_4rp_-4DcoOsF48w56i_7I3Ls60A3TnWfuxdPYoKkeRIoTCvFD4DxWO5aLi6Yw50-A61HgyJ8hX4PqXVXpjAl2OqOyM...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_4rp_-4DcoOsF48w56i_7I3Ls60A3TnWfuxdPYoKkeRIoTCvFD4DxWO5aLi6Yw50-A61HgyJ8hX4PqXVXpjAl2OqOyMhFtObw-BTeuc8GWuxjMgFbF3op1C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_4rp_-4DcoOsF48w56i_7I3Ls60A3TnWfuxdPYoKkeRIoTCvFD4DxWO5aLi6Yw50-A61HgyJ8hX4PqXVXpjAl2OqOyMhFtObw-BTeuc8GWuxjMgFbF3op1CcowZJn6iVac4DnHX5V_BQ&google_hm=YTA3ZTM4ZTc2NWVmZTU2OWY3ZDgxNjRkNTk5ZDQ1MWI=
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_4rp_-4DcoOsF48w56i_7I3Ls60A3TnWfuxdPYoKkeRIoTCvFD4DxWO5aLi6Yw50-A61HgyJ8hX4PqXVXpjAl2OqOyMhFtObw-BTeuc8GWuxjMgFbF3op1CcowZJn6iVac4DnHX5V_BQ&google_hm=YTA3ZTM4ZTc2NWVmZTU2OWY3ZDgxNjRkNTk5ZDQ1MWI=
date
Fri, 23 Sep 2022 17:06:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame E7B1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZ699HwbpnqnUUMdwoOdarPk6ASGoVQa1pcOMXQe5ZSQln1XzZiDdfPajRrA9HW7ZGZNDOjdE
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4656 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
133081
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 04:08:43 GMT
expires
Fri, 22 Sep 2023 04:08:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8554 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNAFbouctY4ClPNqG1Aal94D4DAAAAAA4AeAEAg&bg=!fH-lfzvNAAYIxsuQKMY7ACkAdvg8Ws2gGSCpAe6LWo6R6QCR1cQS7MJnNnQBOYxyUmIgIlFzfW4prgIAAABjUgAAAAFoAQeZAtudx4LQsKW7IVdBvWBUhdNGI5nt9ZxvC6N1s1ljWoXwP16BbTzBuZRA8r0PEfu3K1BtvZZD5VAQAze_nE1hd3QnHvaA41NmYMQHE7mRqefx5cQV8CSVx2GdXyVc1kCsMeBtsGp10X8-w1fi-gYfd1u9_HlBGSB9D5n29mTDFlGIXEXE3-DTj-PwKThBzgcNQveiV1_Og95q4hrzwXyP49JWG_d_1kB4yxZZAOtCrEpLANjOfP9rz1Y4lnODHnbhtB2aAZQ8t2qLPCKUztiL23LBASpoO1Bdfhul0eXrpSgUUWaE1DbUBTB3k2eFcMBxM3qTxVddCkAvWgcGERgJAD-hevmrYqN9tb0XOpEe32yUt31UIVPpLuantOFpXK6bxb-Rl2Ye6v5yybYbU7B1Zkmro4XLjfdNrCTDpCitbE_GldhHLrTLgoEIqmzX3PfXTjRL00WFAH-0IJObzXmHhATWaowXyX0_w5_2Xo0ptmA9ZWhvoqV5k-tzzMpjVXvzwke4L01Ed2A5RXy-D6BmmlT2u8bfa_hmg8Wscgzph5P_zDdA4ml9MQf0N3XW1A_syrq7tjW9-uVxQ6x05uVJj9AS5C1CYEmgRLylIoF92wxdsiT5ZRhPuxC6kmft6BCSLtCGs0EUn2bRxZPZIt4rZhHFEs1ylb5v_W3cWV0sj-mrseWyDjZW8_P2T757yrcem_byn8psrd1jR85acar_aAneD_DpnTQAEY4NB2CaGUbz24DQh8lQE9qvv8w7lXsqjgQepJ0s2LyMdutN5h4GDcPSY6DcPt-dWFzPnrw9j1opMLxBSKFktA3HEXg4T2jzR8qn-S1pCUXv_n_0-ONQTCGad95X6TfKyp-t6Yr_bMkoRDNcLisvcx_c7cgXdU-GbE1ftRg5PEfwdYXDnaanBe92U9IK_VfS0_Vi8dY6Dgzffv57OzerclXb5368I4gDGmqSGJ8NiFbcNGe9SQ
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_S22AnywearAnytime_VH_728x90_____.html
s0.2mdn.net/sadbundle/11225336779930824900/ Frame F310 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11225336779930824900/_S22AnywearAnytime_VH_728x90_____.html?e=69&leftOffset=0&topOffset=0&c=RmVSc8cs3g&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
9945f2c0d779c07ea04ec9e4d44c76870191e59e27e971240a1e0a7ebe3bff38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1549
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:44 GMT
expires
Sat, 23 Sep 2023 17:06:44 GMT
last-modified
Thu, 15 Sep 2022 07:16:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B873 		0
101 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsted74rem1K71vpBh9qWdIlnVAO8TmYaa1KuXib_Uh2rBeb3SdY0l-byaBoqsfyFp6kvJ_UNbi7EcwiiEAV2eY0RxJ6POxHnghyrOUmdipb4yBNctFmlO6NBXhdSSnOS5fWdMHHTIe8TbxsakTwJxJZWzYrmnGRHFwv0AOrWs7-Gdb9m9UWi3yQi6JP5i5zoYeBSz6QKk5kkFJnnUglM1cORpiq4uTSUDXHJcDf1-_lOAqo-GcYGV5VoSrCCZ2GFViyUYmmZTNVGO4tlSH8Snl0ANrrrMrG8D7Inf98jTa-lThiydkFx6efeotz3UWzz1hKnSR6QIrAfKfxJOgH_c7o6PZ-kFEGwWii0CXcTllhc3UvcZncFFA3zamXAggzQBkfgoKjOg26jTs7zNtjOFMufZNjBEStb4eERGuFwvcwfn72V-VyPlEofQTVqP5jRlAdTaP5EK8Q4g2LpC6NptEwjtSPQtQ2fJ892UMzOiKq6xcxqP-uJcJXg5U83klne0OIW5Ckw9D-CtbR9sfILxqqu_NuYpEg3PueiRKLT1V9zgbjA3vnc8sfqqtJR6r71V5iuoDy588eMgBuaASvbSJRFZSpEceZdlUt7bo3Cz-pRLYIqnL0ETd56eXb_PzRjeR8vTXjeaUR7tI8rr3uet6ptjkZ8Wg2RRPainJPkYETWQJX-l1Ets819hsjni9Oq64whc4iIHyQk4bwYnnuul3wP7kUwXyW8xeOwTcsWXIAzoaPVXtv8IrvV40_pW8f2hUTBwNoh1P_WPS8-KdW1_2YzQGh6iLRdDV7bun7dJjAiHPFcB0UztLi1WLE4k4eX3ptiqDgmWGvxfwWtOOHyuAixuTQO45HwPb2UFN2b1WrdmyOrF4T6-4IOLyziWWOyY1in0xGSR1Z-z5LBMHcUGzdGjDzfz8pUFQgdMwmBrXJKQ0LnUUiESu1dOIIx0ZmAqhtw4tMsycS-76vK7APxQsfPzj59t-Nh3OFcVOsyIri4y82Dwyr-vIj9PHCKHDcamhm960ftrY8-E75qlz5_9V7shcw4y9bq1syhnzfGMpQZHzPjnRkQVWQkQKKgUrdZF7s54mCSWZqJdvp9_hKCPHE7-r49GZwwKzvi2prF5Bsl3rwhCb2nCg8g-y0y1NoGkhAxbaHqaOQT8vlUQ7ympHo2WwPmgecwpo5N2ikXQ96hIHCjwwHpZXBtZDg726edHiScJe7hD0cMa4EH09EbCoYKWw3WM_RLD0Owesxwj9f7edvyOwVgwRjEgv4S5jA-PL1DodWEcOf74cwM9V48eeZvzsHRBvOvw&sai=AMfl-YQtdPogp5ReNM7heLbztMzjpldCLSSwwx8pcCZOhTlN-lQQ3U-i21vi8QNHGQ-bXNiNJefmLb0MjQN6HpvUNHo4SXB8q2gEMc8CYegz5t2blCsa8uBRL0VO_F1qwm_cSAXABkP_Zs-IB3JCi5J9DBrFl3lxLGfMaXec7Rh5VbPkGEdWfkxWsqTpuvFu-T7ggckYDmauRyspr3ZaBwrAvFYj&sig=Cg0ArKJSzMOxWIEO2uW0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=836&cbvp=1&cstd=831&cisv=r20220921.13089&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 23 Sep 2022 17:06:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sca.17.6.2.js
static.adsafeprotected.com/ Frame ECE4 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
178228
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
content-type
application/javascript
x-amz-cf-id
lN3t02IMevDYRpFNCYR_QWjF93CtPhGJSmMEpvaMZbeMETSbSVJrJA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=970x250|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404672816&pubOrder=3065307254&cb=1567628727&custom=homepage&custom3=168400271&adsafe_par&impId=16773bff-3b62-11ed-944d-02aa41dfc264&adsafe_url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:e1664b4e-e131-892d-f8b4-8cf2e40a1d12,c:p3FLy9,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5b8fc68f79-njzjf,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:960,mot:0,app:0,maw:0,fm:tihio4n+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1p2%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV.us.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:987,oid:18d79a55-3b62-11ed-bf73-925ee7e571f7,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.47.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e1664b4e-e131-892d-f8b4-8cf2e40a1d12&tv=%7Bc:p3FLyb,pingTime:-8,time:988,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:988,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:985,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B25~0%5D,as:%5B25~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tihio4n+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1p2%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1o*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:987%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 89E8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuH0FYa7PgvTu-Ve-u50PmQzc2KAO0Au5HbGLYfy8qeToC6ATG-ekd9LDj6MZkca5oHer2_0NqQ6eUXcwkOVz8KNz994-1mfMG56GNdvmIv6oWOR3g63sCvKifV108LXf9hq-1_BVsQxraIh9MfcQSZovkVd7S3UC-pslGLHk0eE6ai_4Lr4yZ07D8iGwCM4wx526Cno7jfeFiqxNLPHkYH4PsW8m87Tgsb2rLFbQmEwWEuh0wv8GkTOPRV01MB3TwMSnCExzyI4rbS8eslt-hVCNs38bcbACnKAwvCg7O0z81SexfLwNH2NGa9mwrlfbTkN-kGrSR6MfGM5R8&sai=AMfl-YTqeUMaFzDQC7JTcbrEUZw2Yn6bQQ5Tg9tVD3cojMviVa33G5OI6F3J6ToMzosYIz6dypokIrQMAAqYkYZHB87egTDtQXi0m7aLKdHn2hOweoaYXgsLIt3jFVLer3Q&sig=Cg0ArKJSzIeb9Hv8pkCwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 23 Sep 2022 17:06:44 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e1664b4e-e131-892d-f8b4-8cf2e40a1d12&tv=%7Bc:p3FLyY,pingTime:-2,time:1037,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:685,beZ:686,mfA:1645,cmA:1646,inA:1646,inZ:1651,prA:1651,prZ:1663,si:1672,poA:1674,poZ:1693,cmZ:1693,mfZ:1693,loA:1704,loZ:1707,ltA:1722,ltZ:1722,mdA:687,mdZ:1603%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:985%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1037,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:985,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tihio4n+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1p2%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1o*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV.us.sn,siq:987,slid:%5Bgoogle_ads_iframe_/5129/ndm.gea/home_0,google_ads_iframe_/5129/ndm.gea/home_0__container__,ad-block-728x90-1%5D,sinceFw:47,readyFired:true%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 4656 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:55:59 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e1664b4e-e131-892d-f8b4-8cf2e40a1d12&tv=%7Bc:p3FLzz,time:1074,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1074,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:985,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tihio4n+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1p2%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1o*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:987%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
SPug
simage4.pubmatic.com/AdServer/ Frame D2E8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:44 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Enabler_01_247.js
s0.2mdn.net/879366/ Frame F310 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11225336779930824900/_S22AnywearAnytime_VH_728x90_____.html?e=69&leftOffset=0&topOffset=0&c=RmVSc8cs3g&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11225336779930824900/_S22AnywearAnytime_VH_728x90_____.html?e=69&leftOffset=0&topOffset=0&c=RmVSc8cs3g&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 02:50:23 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame F310 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11225336779930824900/_S22AnywearAnytime_VH_728x90_____.html?e=69&leftOffset=0&topOffset=0&c=RmVSc8cs3g&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
42.99.140.18 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-18.pacnet.net
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:44 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:21:44 GMT
_S22AnywearAnytime_VH_728x90_____.js
s0.2mdn.net/sadbundle/11225336779930824900/ Frame F310 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11225336779930824900/_S22AnywearAnytime_VH_728x90_____.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11225336779930824900/_S22AnywearAnytime_VH_728x90_____.html?e=69&leftOffset=0&topOffset=0&c=RmVSc8cs3g&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
947a98b35c2eefb4199f2317b6624b2c99efe3044659996dac2af34e3346d905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11225336779930824900/_S22AnywearAnytime_VH_728x90_____.html?e=69&leftOffset=0&topOffset=0&c=RmVSc8cs3g&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 23:29:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409014
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5312
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 07:16:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 23:29:50 GMT
optout_check
beacon.krxd.net/ Frame F753 		77 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.myer.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.246.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-246-46.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c72f1da6ca6e03df8e2b5285682ce61fe90699683c2430b8952968e719442b6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:44 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=41 t=1663952804
x-served-by
beacon-n008-pdx-prod.krxd.net
content-type
text/javascript
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2FA1 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
178228
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
content-type
application/javascript
x-amz-cf-id
5H5szRLcsVwDJDlAGRbax1Rdv6x-mAIbXgFEFJtsVwY5DKdhwnZITw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404672819&pubOrder=3065307254&cb=1941731089&custom=homepage&custom3=168400271&adsafe_par&impId=16773c02-3b62-11ed-944d-02aa41dfc264&adsafe_url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:472b39ef-c4de-d0b1-a823-59c693ed68ae,c:p3FLE2,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5b8fc68f79-sld4l,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:0.12439.1.1,am:i,cc:0.12439.1.1,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1337,mot:0,app:0,maw:0,fm:tihio4p+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q%7C1r*.10507%7C1r1%7C1s1%7C1s2%7C1s31%7C1s4,idMap:1r*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:A.qs.tn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1350,oid:18d79a3a-3b62-11ed-ac1b-d6e8e7fb258b,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.47.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=472b39ef-c4de-d0b1-a823-59c693ed68ae&tv=%7Bc:p3FLEu,pingTime:-2,time:1377,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:458,beZ:459,mfA:1794,cmA:1795,inA:1795,inZ:1796,prA:1796,prZ:1802,si:1807,poA:1807,poZ:1815,cmZ:1815,mfZ:1815,loA:1822,loZ:1824,ltA:1834,ltZ:1834,mdA:459,mdZ:1769%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1663952804423,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1,h:1,t:1349%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1377,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1349,wc:0.0.1600.1200,ac:0.12439.1.1,am:i,cc:0.12439.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tihio4p+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q%7C1r*.10507%7C1r1%7C1s1%7C1s2%7C1s31%7C1s4,idMap:1r*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:A.qs.tn,siq:1350,slid:%5Bgoogle_ads_iframe_/5129/ndm.gea/home_3,google_ads_iframe_/5129/ndm.gea/home_3__container__,ad-block-1000x50-1%5D,sinceFw:27,readyFired:true%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
1px.gif
dcollector.bonzai.co/ Frame 89E8 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTUyODA0NDM2LCJmaSI6ZmFsc2UsInRrIjoiZThiYmNhZThiMjgxNDQ1MmM5ZGU0MDJkODJjYjZkYWMiLCJhZCI6IjI2Njc2OTU0MjYwNzk5NzQ3NjUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY4ODkzMjM3NDY5NTg4MDg2IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBmdW5jdGlvbiBjYWxsZWQsIGR0c01haW4ifQ==&etc=0.9085698061482621
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 18:24:57 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
81708
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN2-P2
accept-ranges
bytes
content-length
35
x-amz-cf-id
5XoxuF6RvCl5IxJRaBqK-tXMUALcqu3LIZ9Xg3UO4EDzUi0CoZcJ_g==
rec
collector.bonzai.co/ Frame 89E8 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJicGlkIjoiZHRzTWFpbiIsInBhZ2VJZCI6ImR0c01haW4iLCJ3aWR0aCI6MTkyMCwiaGVpZ2h0IjoxMDgwLCJldiI6ImluaXRpYWxfYnAiLCJldm4iOiJpbml0aWFsX2JwIiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwibyI6InBvcnRyYWl0IiwiY3R6IjowLCJjdHMiOjE2NjM5NTI4MDQ0MzksIm1vZGUiOiJsaXZlIiwidGsiOiJlOGJiY2FlOGIyODE0NDUyYzlkZTQwMmQ4MmNiNmRhYyIsImFkIjoiMjY2NzY5NTQyNjA3OTk3NDc2NSJ9&etc=0.7056485774160981
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.94.181 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-94-181.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		63 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4a763d1b4e03ffed30b88d1ee7fbc36eba020b4268177e8a695add318807f8f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/jpeg
cfebd13f-a6df-4c9a-b9c2-8806ab713b88_v1_5.jpg
massets.bonzai.co/ Frame 89E8 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/cfebd13f-a6df-4c9a-b9c2-8806ab713b88_v1_5.jpg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a1abc1985483e3c1c35c7fc046e12678010e8737461f78ad7128e82cc6fd7ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 05:44:59 GMT
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 02:51:50 GMT
server
AmazonS3
age
645706
etag
"12c853e22258738ef33b37fec7a2a11e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
37628
x-amz-cf-id
-5ka9Qbdm072yDUP-bE1QWuCUYXcFDemdPXFNmsUIldMn64QlSZqWg==
dd610c58-4f99-47fd-9ff1-d214c9726cf6_v1_5.jpg
massets.bonzai.co/ Frame 89E8 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/dd610c58-4f99-47fd-9ff1-d214c9726cf6_v1_5.jpg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f471e4e6239c6414b10d6e38e001d5f7a228fe8c79dde4168fce1d335f101f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 05:44:59 GMT
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 02:51:59 GMT
server
AmazonS3
age
645706
etag
"f3dec41d1aee2fdc6d8c4ae5e824e611"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
97860
x-amz-cf-id
dSVZjB2qnG_2DHhdOnXIp5ReJzPo8SdabswnAQO-xxyt8HRMpRVcMg==
2a0e0cd2-6453-4011-b840-b8107d206193_v1_5.jpg
massets.bonzai.co/ Frame 89E8 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/2a0e0cd2-6453-4011-b840-b8107d206193_v1_5.jpg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7f8eb491b8b2c7b556d6882cc9321bd23e6fe83bc2b0e93abe72d46b06ef78e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 05:44:59 GMT
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 02:51:30 GMT
server
AmazonS3
age
645706
etag
"87ee2c506294bef91ab00966ad5b290f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
79321
x-amz-cf-id
a5Jrhy96vuN3Jw3Cfhk5B2rW2Q5z4M49Y1wMyzyK-Caeiwq6IdRBlg==
84651272-2f5c-4fb9-aef7-0e981d569a79_v1_5.jpg
massets.bonzai.co/ Frame 89E8 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/84651272-2f5c-4fb9-aef7-0e981d569a79_v1_5.jpg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c720c21c903c566e013764c44eaf1dbd0c81f5a5fbaf4003ebb1458689c6c0b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 05:44:59 GMT
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 02:51:46 GMT
server
AmazonS3
age
645706
etag
"3f906c74c0619b2fd335bab86b319a49"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
10421
x-amz-cf-id
H-oen4gZOeZyt72gwEGe2V82ccxe_NN3i9nv53v3FNe9i9oR5ARCnA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4656 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSOecouctY-rvO-WP9fwP9puPuA4AAAAAOAHgBAI&bg=!FhWlFVHNAAYIxsuQKMY7ACkAdvg8Wk3w0Z6oJ01yzYRzU-3e_b2YFdvFllFwTRKY3MdtWJR6gt02OwIAAAB1UgAAAANoAQcKABufhCcY2plfoEi7MVOKulrheL44XO7Vn-5_1SaZAwMV5OZ_Y1F6LY2YMFg6y2-wABCJwfBqiHRy5bwE6uIc4O-wbVcC8wjTiV9HHyTcXo4um1N6Fey6-xMeKFJQ2FiFdjbkd_KcAS8Z4z13QRWj4s6-UL6ntyvFXaoxFqAyfP3AEKyv2q5q_rN86SD8uE1Zf_eoFs2pq6Mzu4uyy4Z22yU34d2mMGYnxsW6Rm8iHVaO4W7t4Uu-VW72lmBUE5GJkUX5Z68hhz3ICE-V03teVaPE2ezR_aU-UL8Mi-z6EGqACQeM_Iq5XN2h5bVIpGzhFaEncwasZ3axbsuZCrelazQYIFhSvZ1UoXghzx0No6cM9H2dd3b5WbLRUx-aZ_HmQT4NfhJgng5Au4bzyiUYDUFhsHHoB30p_8ZynKj4ISvzeCrfmIhJ-fcDcdRXu6MiDG2fkAj3f1PobyyMfMC0G5AL2dTMeXPcGnVFGyqsVZTuaS8-N4H5BnDNr3kAmPgHul8tBfLn80FtT-dHoaBpdp4skCYAMaZNLJqe_ZLan6-GYl6p1LJt1PAh1XEc4VP8_xCzTNUzsnfsnAIExT6cEl8C9AFZHfHasAfoAZ1RZULY81uiLIxPQFxbuTgFXNxRqYuH_SMpQT_RUkmU7y0UFC95wgcJB2YdpTPR64TH10QLho1Kfrky9L5rLyI8ujHgUmP0DRO1_smA_xZ64SrCH4ygAKLJs0cCR7IhQxATRwfCG5Zja40ID2VFcIpBbACZK0FMdksan0S121R8cw7_zj9VIwFAa5XYuUgbORzXX2MOY-kaXuwspZSwsxvyKxDGdCvsqZ_UmqgPF1iv4-mRscuGHeC_SKA8emXOXo1Aa2bghwD5CTT8mCUhYz4RH7PVgcw1uvnmZjOayv982hRHR71tD44G6i-N1OsYgW30urRqiZ4Tjmav0PR3MaTxvlQnJEttYKoJYzUmNM-rqT_2K55KgOafrY9XMDKdMVCdQEadtYlOhv1DWwK2XiAABQVlX0vdd7MpLhE6vQb2KfsLRwxPZoqIBD2GmWZLy5S4oebJ-Qs
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=472b39ef-c4de-d0b1-a823-59c693ed68ae&tv=%7Bc:p3FLFo,time:1433,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1433,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1349,wc:0.0.1600.1200,ac:0.12439.1.1,am:i,cc:0.12439.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B94~0%5D,as:%5B94~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tihio4p+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q%7C1r*.10507%7C1r1%7C1s1%7C1s2%7C1s31%7C1s4,idMap:1r*,rmeas:1,rend:1,renddet:A.qs.tn,siq:1350%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame F753 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstI6QDV1MTePTrmN8yAzXt01j3hRi9msJumk34L4rYJx6DzLWRZGoiapU0C-keX7kURw6xxpngA7dIV1A-SF8A4_djICQuM7WA&sig=Cg0ArKJSzNi545X4a_SqEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=2682109654&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663952802034&rpt=1480&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F753 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYZ-b9RzXA4vrVCU413kpmoG29IPNCseyWeo01QsU-Ppu5cv0c3ASyd5G-fFKGgKemPvjqPmYNiWKji6kBCl9DqKph_8SmQXuVIEPmrHx2LG1ZEzxBekTIrZq_2sEd6KZoVS0-erP1Pc8Lmzd7-lVVwAULbNTitajIDEtZAR9qQ9LwrGcVGsjoNXha2kQh8WyhgWBjv7aRepHFNgdCooBh5YBxBhY6U6cQSyGcClhmWJSbCur7kQKbMkiPp4ZzK1J9LXoRJr4LSdRDmgBbX0Tqk5-L3_2qKchPoOeOieonGceedj_FlFVCbI8sSvsqSgFmhTlXuPsGZkDqbCrcgr8NNww&sai=AMfl-YThZksYo-yiYG7Fzl9JECBYUyn5Z9fFHZLtVvnNqhxO1MsEH88F7O-RbMPfcVOvhJQpCINAGdQ184LdBNs9VBkrs6WoOHWZET3SmKtkE8cLFJDocDsWpXpGIeCpXUA&sig=Cg0ArKJSzGJddS6nvkkVEAE&id=lidar2&mcvt=1002&p=627,1123,877,1423&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220921&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=861514627&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663952802034&rpt=1475&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F310 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
5933d4bb193c0644d744887fbea71dd29799061f42d1bb3e4630599108587ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5619
x-xss-protection
0
skeleton.js
static.adsafeprotected.com/ Frame B873
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1179759/65813174/skeleton.js?ias_dspID=3&ias_campId=1009193284&ias_pubId=pub-9172700587175332&ias_chanId=1&ias_placementId=18349508807&bidurl=https://www.geelo...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
age
19019321
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
qgOzMwEN1Whts-JYotfBj5c3ZaJcbj7uyL6CjqIVUII19-RkP-2Xhg==

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2F51 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
178228
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
content-type
application/javascript
x-amz-cf-id
AlO0dgd0lVAjMcgG_o7wqmrl0xIDyIDmLDa52cHgHzH3X6Lu2ac10w==
dt
dt.adsafeprotected.com/ Frame B873 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1179759&asId=e9e0cb88-c22b-e334-8c5c-b7b46ef75a5c&tv=%7Bc:p3FLHo,pingTime:-3,time:1297,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:1280%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1297,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1280,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B25~0%5D,as:%5B25~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tihio8B+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s*.1179759-65813174%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1s*,rmeas:1,rend:0,renddet:na,siq:1281%7D&br=c
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B873 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1179759&asId=e9e0cb88-c22b-e334-8c5c-b7b46ef75a5c&tv=%7Bc:p3FLHr,pingTime:-6,time:1300,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1300,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1280,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tihio4n+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o.10507%7C1o1%7C1o2%7C1p1%7C1p2%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s*.1179759-65813174%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1s*,rmeas:1,rend:0,renddet:na,siq:1281%7D&tpiLookup=ao:www.geelongadvertiser.com.au*&br=c
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B873 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1179759&asId=e9e0cb88-c22b-e334-8c5c-b7b46ef75a5c&tv=%7Bc:p3FLHy,pingTime:-2,time:1307,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1235,beZ:1237,mfA:2506,cmA:2506,inA:2506,inZ:2507,prA:2507,prZ:2514,si:2516,poA:2517,poZ:2525,cmZ:2525,mfZ:2525,loA:2535,loZ:2538,ltA:2542,ltZ:2542,mdA:1237,mdZ:2483%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:1280%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1307,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1280,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tihio4n+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o.10507%7C1o1%7C1o2%7C1p1%7C1p2%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s*.1179759-65813174%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1s*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:1281,sinceFw:26,readyFired:true%7D&br=c
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.6.2.js
static.adsafeprotected.com/ Frame 453F 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-119.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
178228
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P3
content-type
application/javascript
x-amz-cf-id
eWYwnyNDF6VFJEQIEjI-6xUkF4gzbU3VfP3V0yTfYnCcNgWQ0SAywQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=54134231&chanId=171858671&placementId=6084598215&pubCreative=138404823462&pubOrder=3065307254&cb=220396473&custom=homepage&custom3=168400271&adsafe_par&impId=16773c00-3b62-11ed-944d-02aa41dfc264&adsafe_url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:43adb765-cffc-59a8-efa8-a04cae03b20c,c:p3FLJG,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-5b8fc68f79-gs69b,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1123.583.300.250,am:i,cc:1123.583.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1142,mot:0,app:0,maw:0,fm:tihiodf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5,idMap:1p*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1151,oid:19450245-3b62-11ed-8a84-0a1c18a11ef9,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.47.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-47-59.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:44 GMT
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43adb765-cffc-59a8-efa8-a04cae03b20c&tv=%7Bc:p3FLJS,pingTime:0,time:1163,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1163,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1151,wc:0.0.1600.1200,ac:1123.583.300.250,am:i,cc:1123.583.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B21~100%5D,as:%5B21~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tihiodf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:1151%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43adb765-cffc-59a8-efa8-a04cae03b20c&tv=%7Bc:p3FLJZ,pingTime:-2,time:1170,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:178,beZ:179,mfA:1320,cmA:1320,inA:1320,inZ:1321,prA:1321,prZ:1326,si:1329,poA:1329,poZ:1338,cmZ:1338,mfZ:1338,loA:1344,loZ:1346,ltA:1348,ltZ:1348,mdA:180,mdZ:1309%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1170,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1151,wc:0.0.1600.1200,ac:1123.583.300.250,am:i,cc:1123.583.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~100%5D,as:%5B28~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tihiodf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5,idMap:1p*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1151,slid:%5Bgoogle_ads_iframe_/5129/ndm.gea/home_1,google_ads_iframe_/5129/ndm.gea/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:19,readyFired:true%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
cfebd13f-a6df-4c9a-b9c2-8806ab713b88_v1_5.jpg
massets.bonzai.co/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/cfebd13f-a6df-4c9a-b9c2-8806ab713b88_v1_5.jpg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a1abc1985483e3c1c35c7fc046e12678010e8737461f78ad7128e82cc6fd7ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 05:44:59 GMT
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 02:51:50 GMT
server
AmazonS3
age
645706
etag
"12c853e22258738ef33b37fec7a2a11e"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
37628
x-amz-cf-id
iNXdaJw0VUe8jqBE-5z1SsPMTYIP8uEfrfWBPTX9B0iffh4EOeKq3A==
dd610c58-4f99-47fd-9ff1-d214c9726cf6_v1_5.jpg
massets.bonzai.co/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/dd610c58-4f99-47fd-9ff1-d214c9726cf6_v1_5.jpg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f471e4e6239c6414b10d6e38e001d5f7a228fe8c79dde4168fce1d335f101f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 05:44:59 GMT
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 02:51:59 GMT
server
AmazonS3
age
645706
etag
"f3dec41d1aee2fdc6d8c4ae5e824e611"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
97860
x-amz-cf-id
cN2NhcnNd6zirrL3I3CdBVzYb7Ehhy75O85cNaJ0sfeC0GrYxs0EDA==
2a0e0cd2-6453-4011-b840-b8107d206193_v1_5.jpg
massets.bonzai.co/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/2a0e0cd2-6453-4011-b840-b8107d206193_v1_5.jpg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7f8eb491b8b2c7b556d6882cc9321bd23e6fe83bc2b0e93abe72d46b06ef78e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 05:44:59 GMT
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 02:51:30 GMT
server
AmazonS3
age
645706
etag
"87ee2c506294bef91ab00966ad5b290f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
79321
x-amz-cf-id
wE_7xmb6lsK3BUsGA2-zqBzrlCydj-ff7g3vROiqqHiNGh76OrVi2Q==
84651272-2f5c-4fb9-aef7-0e981d569a79_v1_5.jpg
massets.bonzai.co/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/84651272-2f5c-4fb9-aef7-0e981d569a79_v1_5.jpg
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-125.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c720c21c903c566e013764c44eaf1dbd0c81f5a5fbaf4003ebb1458689c6c0b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 05:44:59 GMT
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 02:51:46 GMT
server
AmazonS3
age
645706
etag
"3f906c74c0619b2fd335bab86b319a49"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
SIN2-C1
accept-ranges
bytes
content-length
10421
x-amz-cf-id
Yq3yvBCZOFkULmNjVFPLvNi53Y5uaZCvR0myo9nHnWmvds6fCH_z6A==
1px.gif
dcollector.bonzai.co/ Frame 89E8 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTUyODA0ODA0LCJmaSI6ZmFsc2UsInRrIjoiZThiYmNhZThiMjgxNDQ1MmM5ZGU0MDJkODJjYjZkYWMiLCJhZCI6IjI2Njc2OTU0MjYwNzk5NzQ3NjUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY4ODkzMjM3NDY5NTg4MDg2IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSByZWFkeSwgKiJ9&etc=0.7294716716349718
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 18:24:57 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
81708
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN2-P2
accept-ranges
bytes
content-length
35
x-amz-cf-id
7IQ8-J1fvV4RYaaScNpi4NxoDMv23MA-9xNhEW6KmlRR8cUkDifyqg==
1px.gif
dcollector.bonzai.co/ Frame 89E8 		35 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTUyODA0ODMzLCJmaSI6ZmFsc2UsInRrIjoiZThiYmNhZThiMjgxNDQ1MmM5ZGU0MDJkODJjYjZkYWMiLCJhZCI6IjI2Njc2OTU0MjYwNzk5NzQ3NjUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY4ODkzMjM3NDY5NTg4MDg2IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSByZWFkeSwgZHRzTWFpbiJ9&etc=0.49962883535123526
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 18:24:57 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
81708
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN2-P2
accept-ranges
bytes
content-length
35
x-amz-cf-id
Qs52lZKo-lNrH4udF60C6OnDsYQ7OExl4en0gIXUbTW4lAFeLhiB3g==
1px.gif
dcollector.bonzai.co/ Frame 89E8 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTUyODA0ODQ4LCJmaSI6ZmFsc2UsInRrIjoiZThiYmNhZThiMjgxNDQ1MmM5ZGU0MDJkODJjYjZkYWMiLCJhZCI6IjI2Njc2OTU0MjYwNzk5NzQ3NjUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY4ODkzMjM3NDY5NTg4MDg2IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBsb2FkLCAqIn0=&etc=0.48296698880370226
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 18:24:57 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
81708
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN2-P2
accept-ranges
bytes
content-length
35
x-amz-cf-id
ZIrNS65eCqvu_pZK_AgTz0dssS-_0WyYDSUJgYkdVoxAUu-hyQ7fZQ==
1px.gif
dcollector.bonzai.co/ Frame 89E8 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTUyODA0ODQ4LCJmaSI6ZmFsc2UsInRrIjoiZThiYmNhZThiMjgxNDQ1MmM5ZGU0MDJkODJjYjZkYWMiLCJhZCI6IjI2Njc2OTU0MjYwNzk5NzQ3NjUiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY4ODkzMjM3NDY5NTg4MDg2IiwiY3MiOiIiLCJzY3IiOiJib256YWlfc2NyaXB0XzAiLCJtZXNzYWdlIjoiUGFnZSBsb2FkLCBkdHNNYWluIn0=&etc=0.14409579367089886
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-67.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 22 Sep 2022 18:24:57 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
81708
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN2-P2
accept-ranges
bytes
content-length
35
x-amz-cf-id
PkRt_tGNp-qkoIeSpVBrpPFYsRNYCXyHelgAMFHwQW8v4keWCY1haA==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43adb765-cffc-59a8-efa8-a04cae03b20c&tv=%7Bc:p3FLLM,time:1281,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1281,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1151,wc:0.0.1600.1200,ac:1123.583.300.250,am:i,cc:1123.583.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B139~100%5D,as:%5B139~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tihiodf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:1151%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e1664b4e-e131-892d-f8b4-8cf2e40a1d12&tv=%7Bc:p3FLP6,pingTime:-10,time:2037,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663952805091%7C%7C3925352a33d385113cbe032a5b970c97%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C77052d5b9f9015b317b59052a4e94e06%7C%7Ce37d782ecfaa78d9480a3c8cf42b13d2%7C%7Cf5f455c339577d19d7186a07cdd5232b%7C%7Cf1a3e03f441b245bdbd1273cb704d2ed%7C%7Cb247fb1514924557a1dcfb52c808728e%7C%7C1663701684%7D
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e1664b4e-e131-892d-f8b4-8cf2e40a1d12&tv=%7Bc:p3FLPR,time:2084,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2084,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:985,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1121~0%5D,as:%5B1121~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:860,fm:tihio4n+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1p2%7C1q%7C1r.10507%7C1r1%7C1s.1179759-65813174%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1o*,rmeas:1,rend:0,renddet:DIV.us.sn,siq:987,sis:1188%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F310 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:06:46 GMT
_01.jpg
s0.2mdn.net/sadbundle/11225336779930824900/ Frame F310 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11225336779930824900/_01.jpg
Requested by
Host: eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
URL: https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
sffe /
Resource Hash
8a4dee080f66872a34cf59aa79ed9ac9236e0c921b62a15c21de08790158e7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11225336779930824900/_S22AnywearAnytime_VH_728x90_____.html?e=69&leftOffset=0&topOffset=0&c=RmVSc8cs3g&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 23:29:52 GMT
x-content-type-options
nosniff
age
409013
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46838
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 07:16:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 23:29:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B873 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsted74rem1K71vpBh9qWdIlnVAO8TmYaa1KuXib_Uh2rBeb3SdY0l-byaBoqsfyFp6kvJ_UNbi7EcwiiEAV2eY0RxJ6POxHnghyrOUmdipb4yBNctFmlO6NBXhdSSnOS5fWdMHHTIe8TbxsakTwJxJZWzYrmnGRHFwv0AOrWs7-Gdb9m9UWi3yQi6JP5i5zoYeBSz6QKk5kkFJnnUglM1cORpiq4uTSUDXHJcDf1-_lOAqo-GcYGV5VoSrCCZ2GFViyUYmmZTNVGO4tlSH8Snl0ANrrrMrG8D7Inf98jTa-lThiydkFx6efeotz3UWzz1hKnSR6QIrAfKfxJOgH_c7o6PZ-kFEGwWii0CXcTllhc3UvcZncFFA3zamXAggzQBkfgoKjOg26jTs7zNtjOFMufZNjBEStb4eERGuFwvcwfn72V-VyPlEofQTVqP5jRlAdTaP5EK8Q4g2LpC6NptEwjtSPQtQ2fJ892UMzOiKq6xcxqP-uJcJXg5U83klne0OIW5Ckw9D-CtbR9sfILxqqu_NuYpEg3PueiRKLT1V9zgbjA3vnc8sfqqtJR6r71V5iuoDy588eMgBuaASvbSJRFZSpEceZdlUt7bo3Cz-pRLYIqnL0ETd56eXb_PzRjeR8vTXjeaUR7tI8rr3uet6ptjkZ8Wg2RRPainJPkYETWQJX-l1Ets819hsjni9Oq64whc4iIHyQk4bwYnnuul3wP7kUwXyW8xeOwTcsWXIAzoaPVXtv8IrvV40_pW8f2hUTBwNoh1P_WPS8-KdW1_2YzQGh6iLRdDV7bun7dJjAiHPFcB0UztLi1WLE4k4eX3ptiqDgmWGvxfwWtOOHyuAixuTQO45HwPb2UFN2b1WrdmyOrF4T6-4IOLyziWWOyY1in0xGSR1Z-z5LBMHcUGzdGjDzfz8pUFQgdMwmBrXJKQ0LnUUiESu1dOIIx0ZmAqhtw4tMsycS-76vK7APxQsfPzj59t-Nh3OFcVOsyIri4y82Dwyr-vIj9PHCKHDcamhm960ftrY8-E75qlz5_9V7shcw4y9bq1syhnzfGMpQZHzPjnRkQVWQkQKKgUrdZF7s54mCSWZqJdvp9_hKCPHE7-r49GZwwKzvi2prF5Bsl3rwhCb2nCg8g-y0y1NoGkhAxbaHqaOQT8vlUQ7ympHo2WwPmgecwpo5N2ikXQ96hIHCjwwHpZXBtZDg726edHiScJe7hD0cMa4EH09EbCoYKWw3WM_RLD0Owesxwj9f7edvyOwVgwRjEgv4S5jA-PL1DodWEcOf74cwM9V48eeZvzsHRBvOvw&sai=AMfl-YQtdPogp5ReNM7heLbztMzjpldCLSSwwx8pcCZOhTlN-lQQ3U-i21vi8QNHGQ-bXNiNJefmLb0MjQN6HpvUNHo4SXB8q2gEMc8CYegz5t2blCsa8uBRL0VO_F1qwm_cSAXABkP_Zs-IB3JCi5J9DBrFl3lxLGfMaXec7Rh5VbPkGEdWfkxWsqTpuvFu-T7ggckYDmauRyspr3ZaBwrAvFYj&sig=Cg0ArKJSzMOxWIEO2uW0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2243&vt=11&dtpt=1407&dett=3&cstd=831&cisv=r20220921.13089&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/?nk=08894a8a6f66376158817cd1139ca11b-1663952789
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame B873 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1179759&asId=e9e0cb88-c22b-e334-8c5c-b7b46ef75a5c&tv=%7Bc:p3FLUm,time:2101,type:e,im:%7Bpci:%7Btdr:794%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:2101,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1280,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B830~0%5D,as:%5B830~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:623,fm:tihio4n+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o.10507%7C1o1%7C1o2%7C1p.10507%7C1p1%7C1p2%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s*.1179759-65813174%7C1s1%7C1s2%7C1s3%7C1s4,idMap:1s*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1281,sis:1902%7D&br=c
Requested by
Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generic1663647361901.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		482 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1663647361901.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ca2d0b308aadcf4c4b2cdfed9605be2da920cb5bb897515fe52dbf5e6c26db9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
HhLubpCf1meQtFIxNBHOr2Cy5Ooi6IZh
content-encoding
gzip
etag
"2a9535a9a8d52c0622bae0381d011e63"
age
305443
via
1.1 varnish
x-cache
HIT
vary
Accept-Encoding
content-length
87387
x-amz-id-2
CnraVirrSatmkjzo2WfbIR4nHPHM3Vm7yhwk3TEM8HQjYuGIRb5QK13Y+XLvvkRvqcjwd1zkRWQ=
x-served-by
cache-mel11273-MEL
last-modified
Tue, 20 Sep 2022 04:16:03 GMT
server
AmazonS3
x-timer
S1663952805.477016,VS0,VE0
date
Fri, 23 Sep 2022 17:06:45 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
73HVD3MEEFM6Z18B
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
177669
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e492f583b2d48d263ca81567d34ff377f0ca3ab058aab87518d36261667a3c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 17:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11113
x-xss-protection
0
syncframe
gum.criteo.com/ Frame A8F6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.geelongadvertiser.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:45 GMT
server
Kestrel
server-processing-duration-in-ticks
1528156
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 17:06:46 GMT
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJHZWVsb25nIEFkdmVydGlzZXIgfCBMYXRlc3QgR2VlbG9uZyAmIFJlZ2lvbiBOZXdzIHwgR2VlbG9uZyBBZHZlcnRpc2VyIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cuZ2VlbG9uZ2FkdmVydGlzZXIuY29tLmF1LyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjYzOTUyODA1NjY5IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODM2YjUwZGYxYjU1OS0wZTdmNjA0YTU1MGRhMi02YjNmNTE1Mi0xZDRjMDAtMTgzNmI1MGRmMWMxMDU3IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXN5ZDEiLCJhY2NvdW50SWQiOiAxMzIyMjIsInVybCI6ICJodHRwczovL3d3dy5nZWVsb25nYWR2ZXJ0aXNlci5jb20uYXUvIiwid2Vic2l0ZUlkIjogMTMyMjI0LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI4NThhLWU5MmYtNDJjMS01YmYxLTI4OGUtNmNhNS0wNWQyLWIwOGMiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2Mzk1MjgwNTY2NiIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAyOTExLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjYzOTUyODA1NjY5LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 -, , ASN (),
Reverse DNS
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-blue-2mpx
date
Fri, 23 Sep 2022 17:06:46 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-application-context
application:9090
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43adb765-cffc-59a8-efa8-a04cae03b20c&tv=%7Bc:p3FM01,pingTime:1,time:2164,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2164,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1151,wc:0.0.1600.1200,ac:1117.583.300.250,am:i,cc:1117.583.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:351,fm:tihiodf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:1151,sis:1336%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43adb765-cffc-59a8-efa8-a04cae03b20c&tv=%7Bc:p3FM02,pingTime:1,time:2165,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2165,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1151,wc:0.0.1600.1200,ac:1117.583.300.250,am:i,cc:1117.583.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:351,fm:tihiodf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:1151,sis:1336%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43adb765-cffc-59a8-efa8-a04cae03b20c&tv=%7Bc:p3FM02,pingTime:1,time:2165,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2165,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1151,wc:0.0.1600.1200,ac:1117.583.300.250,am:i,cc:1117.583.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:351,fm:tihiodf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:1151,sis:1336,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43adb765-cffc-59a8-efa8-a04cae03b20c&tv=%7Bc:p3FM02,pingTime:1,time:2165,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2165,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1151,wc:0.0.1600.1200,ac:1117.583.300.250,am:i,cc:1117.583.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:351,fm:tihiodf+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a%7C1b1%7C1c1%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m1%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1p2%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:1151,sis:1336,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B873 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1179759&asId=e9e0cb88-c22b-e334-8c5c-b7b46ef75a5c&tv=%7Bc:p3FM04,pingTime:-10,time:2455,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663952805091%7C%7C3925352a33d385113cbe032a5b970c97%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C77052d5b9f9015b317b59052a4e94e06%7C%7Ce37d782ecfaa78d9480a3c8cf42b13d2%7C%7Cf5f455c339577d19d7186a07cdd5232b%7C%7Cf1a3e03f441b245bdbd1273cb704d2ed%7C%7Cb247fb1514924557a1dcfb52c808728e%7C%7C1663701684,sca:%7Bspg:e1664b4e-e131-892d-f8b4-8cf2e40a1d12%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=43adb765-cffc-59a8-efa8-a04cae03b20c&tv=%7Bc:p3FM0j,pingTime:-10,time:2182,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663952805091%7C%7C3925352a33d385113cbe032a5b970c97%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C77052d5b9f9015b317b59052a4e94e06%7C%7Ce37d782ecfaa78d9480a3c8cf42b13d2%7C%7Cf5f455c339577d19d7186a07cdd5232b%7C%7Cf1a3e03f441b245bdbd1273cb704d2ed%7C%7Cb247fb1514924557a1dcfb52c808728e%7C%7C1663701684,sca:%7Bspg:e1664b4e-e131-892d-f8b4-8cf2e40a1d12%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
json
gum.criteo.com/sid/ Frame A8F6 		444 B
590 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=geelongadvertiser.com.au&sn=ChromeSyncframe&so=0&topUrl=www.geelongadvertiser.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.geelongadvertiser.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d3b48c8c14c7828f31406d94d9d3eb886c43a7beefb3bf7e2b32382d4c81d67d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.geelongadvertiser.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:45 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1741526
strict-transport-security
max-age=31536000; preload;
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=472b39ef-c4de-d0b1-a823-59c693ed68ae&tv=%7Bc:p3FM4O,pingTime:-10,time:3009,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663952805091%7C%7C3925352a33d385113cbe032a5b970c97%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C77052d5b9f9015b317b59052a4e94e06%7C%7Ce37d782ecfaa78d9480a3c8cf42b13d2%7C%7Cf5f455c339577d19d7186a07cdd5232b%7C%7Cf1a3e03f441b245bdbd1273cb704d2ed%7C%7Cb247fb1514924557a1dcfb52c808728e%7C%7C1663701684,sca:%7Bspg:e1664b4e-e131-892d-f8b4-8cf2e40a1d12%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.19.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-19-189.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 17:06:46 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame C324 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:55:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3492 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
223609
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 02:59:57 GMT
expires
Thu, 21 Sep 2023 02:59:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DA5C 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
3bbaaf60e6a2d958384e549e8e7d84da3192fe7932f43438aa4865a098a2c7ca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8F5h3ZzDVdCyLfnbgUIonw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-8F5h3ZzDVdCyLfnbgUIonw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 17:06:46 GMT
expires
Fri, 23 Sep 2022 17:06:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame DA5C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=622803484893169&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 3492 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:55:59 GMT
generate_204
tpc.googlesyndication.com/ Frame 3492 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c05MEA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:06:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=622803484893169&bg=!1tWl1ZHNAAYIxsuQKMY7ACkAdvg8Wn6Lz5eJlZacteyLlKj-ZQYNZNWQ6q4Vt1V9qHoMGWwKThYUAQIAAABiUgAAAAJoAQeZAsFblOVdhyk9YMOtl5hyqwWA6ih0NMIpiFLhvcSn1R0C60nP9PfE98SDfT4SoQWhKV6rJlghgQNIX6ZjkkhAdPUGYVd7SDdnNX_Up8v7D089FTctuikEuMaNCg2-nl4O1JnTBsEE8V_XYexCMWuRvYO6dZ3whlgWNQxgs7yQPWJ2Eqmn4fOowEKRXyHXItIFxUZEUhedg0YFIs1aP8JvRWbBanBMY44-ljuB2DT95nGPIGdevSnbVRcaqXuHzLSYacDKk8UUz-6yiXMImdtSc0N5EDQgdyWHhWspuIMmlP78BcGoheDzvohb3vaXTPw0vCqqOkZwOWvW1oUKf42WSwuO_CZAi0ZutgUBqRLPPUqXSHOJdjyClw9Maj4PrJQcIm9YhSNKpY5Ar_X5aZPFSP0mXA1P_klcuSnUYK4FtpeAgdAiILs0OilUXyrk2c84RyIag8dae4WpzmEgl_X1dp2xreT5HuEGxAAMlUR4S7OuLTwbqfOF6EKS3z4GibexMSNvvt6rN7ltOqpcVT5xoy8EjZPWh-ltz9aFX9pzmaoS0aOTV6Bruh3xCBfb1p8jqL7YcXjbSDpSvseV9YOUspCrWs-6dHyEE0VQe57mS_TtoAbiUJGCqnwJZxqpucUdUc9L5rfPG5xKJUYoH_mhRvu7637sjpdLXI-6F-3bmlB3gkewLHNCvzODyRtO4JgdA48BKwAXHU7deg797KRlQsxZ5FmAF2OAdJCwYiOFo7Bxv1A65GE9MO-2P1uxlxg2Bir-3hjdxNJdoonAduUAaMBSnlwQZR89CNZDDKOPruHotoAgRJCOfa-Z6i5tJT92az6HTDP7DcdDVp_Wqe7-EZCAUHszaq1xmeLKSiTBYblqHNH5qvmOFpWdF3Qlm8OTAD0lm93mlpvm3j3HAOlmfYf8wSOJ-JdiL_hDnlmJdDm4ozI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.geelongadvertiser.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/2970e277
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/1McDhLIVMB
Domain
cookie-matching.mediarithmics.com
URL
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEAPd4mrvUSWH6xp2VNx5ThA&google_cver=1
Domain
syd-1-apex.go.sonobi.com
URL
https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%2221f0f829433f643%22%3A%220577f711b8236216818a%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-1%22%2C%222286c7e223b2704%22%3A%220577f711b8236216818a%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-1%22%2C%2223bfc09193fec39%22%3A%220577f711b8236216818a%7C728x90%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-2%22%2C%2224da1b63c63819b%22%3A%220577f711b8236216818a%7C300x250%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=d1c8d0aa-a391-4916-ae55-5431eaa62994&pv=9db52ee0-7a25-460d-b47e-3d93b1f2bf39&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Domain
lbs.eu-1-id5-sync.com
URL
https://lbs.eu-1-id5-sync.com/lbs/v1

Verdicts & Comments Add Verdict or Comment

280 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget function| toggleShowMore object| TRC object| _tblConsole undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl undefined| $ function| jQuery function| admiral object| googletag number| taboola_view_id function| loadjs boolean| isLoadedIndiesJs object| COMSCORE function| udm_ object| ns_p object| placementData object| __AMP_LOG object| __AMP_MODE function| AmpStoryPlayer object| lazySizes object| ads_api function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise object| app object| vidora function| vidoraTrackExtraElements object| vidoraHelper function| 4dm1r11545242527 object| auth boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR boolean| __tealium_twc_switch undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| sectionData boolean| cb_ad_run number| _sf_endpt number| gptPluginLoaded object| apstag number| gcTicker function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy object| vidora_ns object| m object| nb object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| KAMPYLE_EMBED object| npt function| setImmediate function| clearImmediate object| ID5 object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig object| adUnits object| pbjs object| __iasPET number| AMAZON_APS_TIMEOUT object| kw_ignore object| atsenvelopemodule object| ats object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| apstagLOADED boolean| isFetchedIndies function| parcelRequire object| brandmetrics function| __assign function| pbjsChunk object| _pbjsGlobals object| apsUnits number| interval object| nca_ipsos object| dm function| __spreadArrays object| _brandmetrics function| GeaLoader object| diagPixSentCodes object| __iasAdRefreshConfig boolean| isAlloyConfigured boolean| DotMetricsInitScript undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready object| DotMetricsSettings object| $jscomp function| $jscomp$lookupPolyfilledValue object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| Criteo object| UrlCache object| SUBSCRIPTIONS object| SWG object| DotmetricsJSON object| CryptoJS object| DotMetricsObj string| s_tnt function| cookieWrite function| cookieRead string| g string| f0 object| s_i_newscorpau-gaweb_newscorpau-global undefined| oneTagObj function| ebDecode object| bsResponseObj object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| googDdmPs object| __IntegralASExec object| GoogleGcLKhOms object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata

183 Cookies

Domain/Path Name / Value
.taboola.com/newscorpau-aud-geelongadvertiser/ Name: taboola_session_id
Value: v2_9a8fce3950bcc4c035adb0219b8efa42_afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a_1663952794_1663952794_CIi3jgYQi_NHGJHmwtq2MCABKAEwEDiu_QZA9YUQSP3L1wNQ8poCWABgAGjepu6WpPzt-8sBcAE
.geelongadvertiser.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 08894a8a6f66376158817cd1139ca11b
.geelongadvertiser.com.au/ Name: nk
Value: 08894a8a6f66376158817cd1139ca11b
.geelongadvertiser.com.au/ Name: nk_debug
Value: nk_set
.geelongadvertiser.com.au/ Name: nk_ts
Value: 1663952789
.taboola.com/ Name: t_gid
Value: afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
www.geelongadvertiser.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dafbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
.scorecardresearch.com/ Name: UID
Value: 1DDa96937f99bc35806a0651663952794
.geelongadvertiser.com.au/ Name: utag_main
Value: v_id:01836b50b7a50011bd45155041d903074002506c00b08$_sn:1$_se:1$_ss:1$_st:1663954595558$ses_id:1663952795558%3Bexp-session$_pn:1%3Bexp-session
.geelongadvertiser.com.au/ Name: nearSessionCookie
Value: 0.21943152117701836
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A14883ce0-3b62-11ed-a288-1b728da5e8de.YfbdAbLhhOpBVTz%2F4A9UHoA1%2BRuXtx7roYSHhFyjNzg
.geelongadvertiser.com.au/ Name: _ncid
Value: 489afafc6f9fc3af8d3075f102e0d238
.geelongadvertiser.com.au/ Name: _cb
Value: BCwM50ukdcCBXmWUj
.geelongadvertiser.com.au/ Name: _chartbeat2
Value: .1663952796128.1663952796128.1.CBD_4bDyr62zDEd0I8D1bL9-Bk0wMG.1
.geelongadvertiser.com.au/ Name: _cb_svref
Value: null
.geelongadvertiser.com.au/ Name: metrics_pcsid
Value: not%20set
.geelongadvertiser.com.au/ Name: _ncg_sp_ses.a59a
Value: *
.geelongadvertiser.com.au/ Name: _ncg_sp_id.a59a
Value: ec17d191-808a-415d-8d39-5532cfabf121.1663952796.1.1663952797.1663952796.c1b2fa8d-8e90-4977-8c4f-0ab71d7ec5ab
.demdex.net/ Name: demdex
Value: 08314947031694881621094073913528724637
www.geelongadvertiser.com.au/ Name: vidoraUserId
Value: amsq19mlurb60kjjejj1mdednp9d0h
.geelongadvertiser.com.au/ Name: _fbp
Value: fb.2.1663952796963.1083599138
.geelongadvertiser.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.geelongadvertiser.com.au/ Name: _awl
Value: 3.1663952796.0.5-56a4723012c13d8a1b40a6b6066bd0c5-6763652d617369612d6561737431-0
www.geelongadvertiser.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adsrvr.org/ Name: TDID
Value: 796f91f5-6c19-4310-9d8e-96dcf5bed3d0
www.geelongadvertiser.com.au/ Name: _lr_retry_request
Value: true
www.geelongadvertiser.com.au/ Name: _lr_env_src_ats
Value: false
.geelongadvertiser.com.au/ Name: nol_fpid
Value: mqmi9gi83q4ukwnsj9xtwhngu2bvs1663952797|1663952797205|1663952797205|1663952797205
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=d6f4df9b-3327-40ef-b6a0-bc1a2011dfce&Created=09/23/2022 17:06:37&UserMode=0&guid=274c7400-e1e1-41f5-80f6-f4ce74c75c5d&ver=1
.newscgp.com/ Name: sp
Value: e3e21d21-9c9c-464b-b76f-a96fe1910102
.geelongadvertiser.com.au/ Name: s_ecid
Value: MCMID%7C08293981904171223601091668987827584391
.doubleclick.net/ Name: IDE
Value: AHWqTUntsrR7s2xmmxHpF52oD0y9poLVBJYwoq52eEXdFErTrXAFVqIL7JcRQVZ-0jI
.smartadserver.com/ Name: pid
Value: 5846999672042193544
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
www.geelongadvertiser.com.au/ Name: DM_SitId1563
Value: true
www.geelongadvertiser.com.au/ Name: DM_SitId1563SecId13074
Value: true
www.geelongadvertiser.com.au/ Name: DM_SitIdT1563
Value: true
www.geelongadvertiser.com.au/ Name: DM_SitId1563SecIdT13074
Value: true
.geelongadvertiser.com.au/ Name: s_nr30
Value: 1663952797732-New
.geelongadvertiser.com.au/ Name: s_gdslv
Value: 1663952797733
.geelongadvertiser.com.au/ Name: s_gdslv_s
Value: First%20Visit
.geelongadvertiser.com.au/ Name: s_ppn
Value: ga%7Chome%7Chomepage%7Chomepage
.geelongadvertiser.com.au/ Name: s_cc
Value: true
.lijit.com/ Name: ljt_reader
Value: FXYCEQZHxudL2GMZS--dCWmt
.criteo.com/ Name: uid
Value: 574e972a-fd35-40e1-86c6-9caee590171f
.contextweb.com/ Name: V
Value: gQyETBB6myCE
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g9o|5Ql.0.afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f68e7832f5bf6676
.imrworldwide.com/ Name: IMRID
Value: 15e13d30-3b62-11ed-baa2-6708a1296215
.geelongadvertiser.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.geelongadvertiser.com.au/ Name: aam_uuid
Value: 08314947031694881621094073913528724637
ads.playground.xyz/ Name: connect.sid
Value: s%3AaD7GuiI272RAtIIbBprDULAb9i9OrYwQ.x7McjfiH3FYTQr%2F4y8b6BiNALX%2BE0rW3mPgG72uQTTU
.rubiconproject.com/ Name: khaos
Value: L8EQJ7UW-4-7HYR
.openx.net/ Name: i
Value: f1ddb639-5ef8-41d5-92f1-0c868241bf7b|1663952797
.lijit.com/ Name: _ljtrtb_42
Value: afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a
.bidswitch.net/ Name: tuuid
Value: 6b38cf62-f3ea-4952-8c0a-9f3fa1097def
.bidswitch.net/ Name: c
Value: 1663952798
.bidswitch.net/ Name: tuuid_lu
Value: 1663952798
.adnxs.com/ Name: icu
Value: ChgI2rIrEAoYASABKAEwns-3mQY4AUABSAEQns-3mQYYAA..
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: YqM+3eRX1rMx0shrVGQQYH8Qnvf3ygOhcun7A8OIypOxwVwqZKmWY/eDUa0qJK245bDl6ZVZhHDK9cEstb3xzAyfNp1mcTcPWf7s4O27d/ioaKLySS8TIKSQz1lL
.3lift.com/ Name: tluid
Value: 2415420884917373764956
mfad.inskinad.com/ Name: azk
Value: ue1-d83c360267c343d8893e53a027aa2c93
mfad.inskinad.com/ Name: azk-ss
Value: true
.adnxs.com/ Name: uuid2
Value: 5813278693740145724
.dpm.demdex.net/ Name: dpm
Value: 08314947031694881621094073913528724637
.turn.com/ Name: uid
Value: 3810868978671773715
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
.casalemedia.com/ Name: CMID
Value: Yy3nnpaHoO2gg-757ik6gQAA
.casalemedia.com/ Name: CMPS
Value: 4781
.casalemedia.com/ Name: CMPRO
Value: 4781
.omnitagjs.com/ Name: ayl_visitor
Value: c79e8d014b45a574e7d7bd4d8e61fa88
.id5-sync.com/ Name: id5
Value: 5929b9c9-46af-460c-b0b4-69e2f43ac009#1663952798338#2
.mfadsrvr.com/ Name: tuuid
Value: 7a4f73a9-7269-462d-abc4-cea1c0ede64b
.mfadsrvr.com/ Name: c
Value: 1663952798
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c67757d5-f16f-46e1-64a8-a42cde7887b3.%2BdGNp8hbgIXG8LyN%2BEI0PDsQfDd%2BZOEh%2Fm%2BVyKu3ouE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AxndX1fFvRuFkqKQs3niHs2fR_nE.rcshxNK%2FKf5tkTuVw4f%2FUs58y54%2FRqyIR4eeCkYffKY
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yy3nnwAAAJwOyQN8
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 004tSSC930_004MHuC930_
.serving-sys.com/ Name: OT2
Value: 0001DC1rfh
.serving-sys.com/ Name: u2
Value: ea4c92dc-b6af-4cd4-a877-e171c63fe7364IW050
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663952799
.mfadsrvr.com/ Name: ssh
Value: !taboola,1663952799
.scanscout.com/ Name: uid
Value: CI-63dcd6437372c42b9989493928994843
.scanscout.com/ Name: UIAA
Value: 08314947031694881621094073913528724637
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1663952799241"
.eyeota.net/ Name: mako_uid
Value: 1836b50c676-7699000001084c7c
.eyeota.net/ Name: SERVERID
Value: 19580~DM
.geelongadvertiser.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19259%7CMCMID%7C08293981904171223601091668987827584391%7CMCAAMLH-1664557597%7C3%7CMCAAMB-1664557597%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-1247016652%7CMCOPTOUT-1663959997s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19266%7CvVersion%7C5.1.1
.ad-m.asia/ Name: uid
Value: 1CFzqs0SU2S
.adx.opera.com/ Name: UID
Value: dc7472c426ea40ea8f6f24c7db05e23a
.demdex.net/ Name: dextp
Value: 358-1-1663952797746|470-1-1663952797846|481-1-1663952797947|771-1-1663952798048|903-1-1663952798149|19566-1-1663952798250|23728-1-1663952798352|30432-1-1663952798452|30064-1-1663952798553|66757-1-1663952798654|134096-1-1663952798755|144230-1-1663952798856|144231-1-1663952798957|144232-1-1663952799058|144233-1-1663952799159|144234-1-1663952799260|144235-1-1663952799396|144236-1-1663952799517|144237-1-1663952799618|147592-1-1663952799719|461447-1-1663952799820
.mookie1.com/ Name: id
Value: 10527164130562359916
.mookie1.com/ Name: mdata
Value: 1|10527164130562359916|1663952799720
.mookie1.com/ Name: ov
Value: d6a60f9edeae1c7d85e81982e756beba
.geelongadvertiser.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiYwODI5Mzk4MTkwNDE3MTIyMzYwMTA5MTY2ODk4NzgyNzU4NDM5MVIOCPePw9q2MBgBKgNPUjLwAfePw9q2MA==
.geelongadvertiser.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: or2
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yy3nnwAAAJwOyQN8&KRTB&22978-Yy3nnwAAAJwOyQN8&KRTB&23194-Yy3nnwAAAJwOyQN8&KRTB&23209-Yy3nnwAAAJwOyQN8
.mathtag.com/ Name: uuid
Value: 8fee632d-e79f-4400-a24d-1d97c0326103
.geelongadvertiser.com.au/ Name: _gcl_au
Value: 1.1.1565954551.1663952800
.spotxchange.com/ Name: audience
Value: 174a705d-3b62-11ed-ac8e-1805dd570507
.krxd.net/ Name: _kuid_
Value: PGLbFK2F
.yahoo.com/ Name: A3
Value: d=AQABBKDnLWMCEF_C9bquru332w7Ai2ualOEFEgEBAQE5L2M3YwAAAAAA_eMAAA&S=AQAAAvyXBhkBMFQnygvd733cAmo
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-796f91f5-6c19-4310-9d8e-96dcf5bed3d0&KRTB&22918-796f91f5-6c19-4310-9d8e-96dcf5bed3d0&KRTB&23031-796f91f5-6c19-4310-9d8e-96dcf5bed3d0
.google.com/ Name: NID
Value: 511=B5xOYCL01hDRri85ZOLheK_dGTamzyAI7DqG9tSngxMjlRg0NAluBl7rfIR4ZZcnr1LM7JDYlXSmFJTjj6UICSy_zO5MwtGFhy6xvi8mqgNWyXsaaSpOqkRDxcJ53tda1jey8aOFd9vvcK_TRzMvrZUKCSNKJoqhoWt8p4Jnk8E
.admatrix.jp/ Name: uid
Value: 57b2e5f1-50ce-4a68-a0bb-c946b788739a
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
www.geelongadvertiser.com.au/ Name: _lr_sampling_rate
Value: 100
.adform.net/ Name: C
Value: 1
.innity.com/ Name: iUUID
Value: aa0d26ec17acc16c3fbf1cb0862eb2c8
.geelongadvertiser.com.au/ Name: __gads
Value: ID=efbdc61fd2b64c97:T=1663952801:S=ALNI_MaxlVqHN3HS9jkfaVb4MqZ9Uzg7Ng
.geelongadvertiser.com.au/ Name: __gpi
Value: UID=000009d95499ca62:T=1663952801:RT=1663952801:S=ALNI_MZjNGTOzM8cnWzyCzyphuXrIrGnvQ
.adform.net/ Name: uid
Value: 3185137231455762506
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6A8F5D5D-CD9F-4374-AA63-A93E537158F6
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158393:2
.pubmatic.com/ Name: DPSync3
Value: 1665100800%3A201_197%7C1664496000%3A164%7C1663977600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1665100800%3A71_8_13_21_7_22_54_220%7C1664755200%3A63%7C1664496000%3A223
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~27bt:175w~27bt:18z8~27bt"
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI-o2fqoDkjjsQBRIWCgdydWJpY29uEgsIoL740YDkjjsQBRIVCgZnb29nbGUSCwjQxNm8gOSOOxAFEhkKCnJpZ2h0bWVkaWESCwjQxNm8gOSOOxAFEhgKCWJpZHN3aXRjaBILCJTil8SA5I47EAUSFQoGY2FzYWxlEgsI3vy2v4DkjjsQBRIXCghwdWJtYXRpYxILCLqYxtCA5I47EAUYASACKAIyCwi6kMn9luSOOxAFOAFaCHB1Ym1hdGljYAI.
.quantserve.com/ Name: d
Value: EEkBDQGVJ7jvsQA
.quantserve.com/ Name: mc
Value: 632de7a2-55428-b6d23-e37ac
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESENuYaYP786c68KH36c-eHhs&KRTB&22987-CAESENuYaYP786c68KH36c-eHhs&KRTB&23025-CAESENuYaYP786c68KH36c-eHhs&KRTB&23386-CAESENuYaYP786c68KH36c-eHhs
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:8fee632d-e79f-4400-a24d-1d97c0326103&KRTB&16736-uid:8fee632d-e79f-4400-a24d-1d97c0326103&KRTB&23019-uid:8fee632d-e79f-4400-a24d-1d97c0326103&KRTB&23208-uid:8fee632d-e79f-4400-a24d-1d97c0326103
.mookie1.com/ Name: syncdata_IOW
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-tQ7AC-YKk12uCMdctA_fCucOl1auW8JWtwROe5Tz&KRTB&19420-tQ7AC-YKk12uCMdctA_fCucOl1auW8JWtwROe5Tz&KRTB&22979-tQ7AC-YKk12uCMdctA_fCucOl1auW8JWtwROe5Tz&KRTB&23403-tQ7AC-YKk12uCMdctA_fCucOl1auW8JWtwROe5Tz
.simpli.fi/ Name: suid
Value: 27B51453092447D2BF2D47D286C6E8A3
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:27B51453092447D2BF2D47D286C6E8A3
.brand-display.com/ Name: _knxq_
Value: 558f1ef6-60c1-98ff-5d1b76c6.1663952802.0.1663952802.1663952802
.rlcdn.com/ Name: pxrc
Value: CKLPt5kGEgUI6AcQABIFCOhHEAA=
.dyntrk.com/ Name: dyn_u
Value: 07030001_632de7a30454e
.doubleclick.net/ Name: DSID
Value: NO_DATA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tapad.com/ Name: TapAd_TS
Value: 1663952802715
.tapad.com/ Name: TapAd_DID
Value: ded0e195-bc6b-49de-ace2-e5a7fe71ddeb
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&3e792e75-8d10-4067-837d-18b306928e34"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2514:u=1:x=1:i=1663952803:t=1664039203:v=2:sig=AQEjHyKdRmx-3YZsklKB1C1Y23W1IUF0"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.mookie1.com/ Name: syncdata_TAP
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>0m^Y$3!]tcc8i_iqf!oN/@E'zz<*Z0Qf-C6k4h.$Wh[mo]9J4Zv*JRW8-!>h5pM<hNTD._*PlZ[C[-kX-5$sEW
.pippio.com/ Name: did
Value: cbOnEXLBesc8JPvD
.pippio.com/ Name: didts
Value: 1663952803
.pippio.com/ Name: nnls
Value:
.bidr.io/ Name: bito
Value: AACMvU7GW88AAB40f0rw4g
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMTS
Value: 5338
.amazon-adsystem.com/ Name: ad-id
Value: A01Qrw8tjUJonYld01e2ieY
.semasio.net/ Name: SEUNCY
Value: 24E804CDC5B52AF
.agkn.com/ Name: ab
Value: 0001%3AGA9N8uiBbV2xUSUmWZIsqeT1ctjwex64
.pubmatic.com/ Name: SPugT
Value: 1663952804
.pippio.com/ Name: pxrc
Value: CKTPt5kGEgQIAhAAEgYI7OsBEAA=
.mookie1.com/ Name: syncdata_NEU
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMI0kofc7dbySCKB0+A8/5Oa2uQBqXHOpsc3aa85gYZ+9vl/WwmfJ47y2eCXMy7k+A5NuUteIsykiG6ZxmXPvKvYCwTLVtClQB7kSWBgnvP7qQ==
.linksynergy.com/ Name: rmuid
Value: d3b190f8-2352-47ac-8620-d93c1afa8445
.linksynergy.com/ Name: icts
Value: 2022-09-23T17:06:44Z
.tribalfusion.com/ Name: ANON_ID
Value: a7nseFwyEojpuMNpbIFrCgyZdUZcZcwllEZbF3JWLCZbTWZc8wYM3IchRRmZaHNLX6J0RWZaGpY6oc2S2bRT7Eg3wJ08
.id5-sync.com/ Name: 3pi
Value: 464#1663952798697#-2022343792#afbd3677-f579-4ae3-8f91-f4af3dee061d-tucta276d1a|112#1663952804544#-1945673928#24E804CDC5B52AF|2#1663952799302#-601729192#5813278693740145724|3#1663952800280#1453077144#8fee632d-e79f-4400-a24d-1d97c0326103|264#1663952800750#-1725170893#796f91f5-6c19-4310-9d8e-96dcf5bed3d0|10#1663952802243#1106827590#3185137231455762506|108#1663952803354#-919173317
fksnk.com/ Name: AWSALBCORS
Value: UH8rkqJ5DZwgSswgxnFV2DCd23JBJBEJ0jHLijU97XaR51m4zkQP5bH6qutm4s3W/1ef9ldtjli58DcesbWrmtEHe4cOS/NwXTdFlAem8c38aSe+HH0H3RagOIkv
.fksnk.com/ Name: f_001
Value: 8B06258575089AFE
.fksnk.com/ Name: g_001
Value: 1
.mediago.io/ Name: __mguid_
Value: a07e38e765efe569f7d8164d599d451b
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-6b38cf62-f3ea-4952-8c0a-9f3fa1097def&KRTB&23280-6b38cf62-f3ea-4952-8c0a-9f3fa1097def
.pubmatic.com/ Name: PugT
Value: 1663952804
.reemo-ad.jp/ Name: deviceIdentifier
Value: WtoHfwAeUexKBcsQrEGUoXGAEPDMnaTS
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.rlcdn.com/ Name: rlas3
Value: 9YR2qcqGaUr+F64NinwD7g2wLZmxkfjR8M+LKum0peg=
.geelongadvertiser.com.au/ Name: tp
Value: 13338
.geelongadvertiser.com.au/ Name: s_ppv
Value: ga%257Chome%257Chomepage%257Chomepage%2C9%2C9%2C1200
www.geelongadvertiser.com.au/ Name: mdLogger
Value: false
www.geelongadvertiser.com.au/ Name: kampyle_userid
Value: 858a-e92f-42c1-5bf1-288e-6ca5-05d2-b08c
www.geelongadvertiser.com.au/ Name: kampyleUserSession
Value: 1663952805666
www.geelongadvertiser.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.geelongadvertiser.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.geelongadvertiser.com.au/ Name: kampyleUserPercentile
Value: 28.236271403607315
.geelongadvertiser.com.au/ Name: cto_bundle
Value: JKKSeF9rVmh3c0o1ajZNQXBhQWdzNDZyUWMxSENaNzFKZzJkVXFkZ0kwRUtiNWtJa2pUazhSd1NnbGptaUZVRzF2ejJINDliWk43dTBUeTdGcE9CZVFiRmxvZkV3JTJCbDhaN0lDdSUyRjRibFlDd3lJYTRoUnhQYkM1V1R2d2tWelhYUUJNb1RoWFBmRm5adXlqcXdxNjZJWWZEVjFUTiUyRmdjbk4wT3pjMzFabWxzSnhySVUlM0Q

16 Console Messages

Source Level URL
Text
other warning URL: https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Message:
A preload for 'https://www.geelongadvertiser.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=24' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.geelongadvertiser.com.au/
Message:
Access to XMLHttpRequest at 'https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%2221f0f829433f643%22%3A%220577f711b8236216818a%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-1%22%2C%222286c7e223b2704%22%3A%220577f711b8236216818a%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-1%22%2C%2223bfc09193fec39%22%3A%220577f711b8236216818a%7C728x90%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-2%22%2C%2224da1b63c63819b%22%3A%220577f711b8236216818a%7C300x250%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=d1c8d0aa-a391-4916-ae55-5431eaa62994&pv=9db52ee0-7a25-460d-b47e-3d93b1f2bf39&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0' from origin 'https://www.geelongadvertiser.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%2221f0f829433f643%22%3A%220577f711b8236216818a%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-1%22%2C%222286c7e223b2704%22%3A%220577f711b8236216818a%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-1%22%2C%2223bfc09193fec39%22%3A%220577f711b8236216818a%7C728x90%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-728x90-2%22%2C%2224da1b63c63819b%22%3A%220577f711b8236216818a%7C300x250%7Cgpid%3D%2F5129%2Fndm.gea%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2F&s=d1c8d0aa-a391-4916-ae55-5431eaa62994&pv=9db52ee0-7a25-460d-b47e-3d93b1f2bf39&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=796f91f5-6c19-4310-9d8e-96dcf5bed3d0
Message:
Failed to load resource: the server responded with a status of 502 ()
other warning URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEAPd4mrvUSWH6xp2VNx5ThA&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-gmtdmp.mookie1.com
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
avd.innity.com
beacon.krxd.net
bedsberry.com
bh.contextweb.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.taboola.com
cdn1.adoberesources.net
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
cm.everesttech.net
cm.g.doubleclick.net
cm3.adform.net
code.createjs.com
collector.bonzai.co
collector.brandmetrics.com
connect.facebook.net
consumer.krxd.net
content.api.news
cookie-matching.mediarithmics.com
csync.loopme.me
d.adroll.com
d.turn.com
d3273622690172371738-t3810868978671773715.id.amgdgt.com
dcollector.bonzai.co
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
eb2.3lift.com
edge.adobedc.net
edition.pagesuite.com
eff7e5ba4e64ab359e5e5a22df9785fb.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hazhjjquarexmaygh8zt7mw3dmpam1663952797.nuid.imrworldwide.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
insight.adsrvr.org
invoke.bonzai.co
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
massets.bonzai.co
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
metrics.geelongadvertiser.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
odr.mookie1.com
origin.geelongadvertiser.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
r.turn.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.geelongadvertiser.com.au
syd-1-apex.go.sonobi.com
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.dsp.reemo-ad.jp
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
udc-neb.kampyle.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
www.facebook.com
www.geelongadvertiser.com.au
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cookie-matching.mediarithmics.com
lbs.eu-1-id5-sync.com
login.newscorpaustralia.com
syd-1-apex.go.sonobi.com
103.229.10.180
103.229.206.240
103.231.98.193
103.231.98.194
103.231.98.196
103.71.26.126
104.16.88.20
104.18.13.76
104.18.18.126
104.18.19.126
104.19.173.108
104.254.148.251
104.254.150.241
104.26.7.155
104.71.48.157
104.71.48.190
104.71.49.6
104.79.97.250
107.178.244.193
107.178.254.65
108.139.243.119
119.81.192.134
13.107.42.14
13.210.135.68
13.250.169.102
13.250.222.156
13.33.30.231
13.33.33.112
13.33.79.24
13.33.88.108
13.33.88.39
13.33.88.55
13.33.88.67
13.33.91.15
141.226.224.32
141.226.229.48
141.95.33.111
141.95.98.71
142.250.4.113
142.251.10.106
142.251.10.148
142.251.10.149
142.251.10.156
142.251.10.94
142.251.12.132
142.251.12.139
142.251.12.155
150.95.47.241
151.101.129.44
151.101.130.133
151.101.193.108
151.101.193.175
151.101.194.49
151.101.2.133
151.101.65.44
157.240.235.1
157.240.235.35
172.217.194.157
172.64.132.15
172.64.152.245
172.67.38.106
175.41.135.242
18.136.162.157
18.139.47.59
18.139.71.162
18.141.94.181
18.155.68.80
18.155.68.87
18.176.21.36
18.233.19.189
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
185.84.60.20
185.84.60.21
192.0.66.86
199.127.207.180
199.36.158.100
20.50.2.28
202.131.200.82
202.131.200.84
209.191.163.210
23.106.127.39
23.106.69.72
23.207.37.206
23.75.85.227
23.78.217.19
23.78.217.66
23.78.217.74
3.114.17.99
3.121.135.16
3.126.109.107
31.220.27.155
34.102.253.54
34.111.151.213
34.120.155.137
34.160.46.16
34.193.201.64
34.210.246.46
34.83.125.63
34.98.64.218
34.98.67.3
35.171.14.192
35.190.60.146
35.208.249.213
35.213.12.39
35.227.202.26
35.241.45.82
35.71.131.137
35.71.178.8
42.99.140.160
42.99.140.18
50.116.239.135
50.116.239.150
52.2.211.96
52.20.174.233
52.221.16.11
52.45.175.185
52.46.151.131
52.55.123.47
52.74.13.196
52.76.51.167
52.84.228.218
52.95.125.22
52.95.132.218
54.151.137.171
54.159.19.19
54.178.229.66
54.192.150.118
54.192.150.12
54.192.150.125
54.192.150.68
54.192.150.8
54.192.150.93
54.192.150.97
54.203.95.9
54.251.140.206
54.254.175.9
63.140.36.112
63.140.48.135
67.199.150.85
67.199.150.86
69.173.158.64
69.173.158.65
74.118.186.44
74.125.200.156
74.125.200.94
74.125.200.97
74.125.24.154
74.125.24.157
74.125.68.154
74.125.68.155
74.125.68.157
74.214.196.131
82.145.213.8
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02db6085d2b384c5a8c4162969f767c00291344634e081fd124b0b48822818a8
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0422c1be425a330e066dc9ac7ba5d76e323e757b3ddc2a95c5319e2ca5090968
04271fbb61d53d2fe9837ce7053cc5138cb2da2f18d364bb026c790610d73e7f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
0849e192d412d9aefaef3111bf3b0bf859a01b47980780b863b5dbaa647129af
0858a9148363746faebe3b6c8af106af3bc4c3c0254da6f80e8524fbbc72cef9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdcf9fc4b88b33c29765b4b8e8d0d513b1441e9bf4081970364be14eecc0d64
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
1a4ac30d3c426134d6354a2407d4a9f8696b2f79ca8021714a8a2c87625ba4d6
1c4008b51bbe867de90ac3952e411eecf72b3a397efd426daffdbf245b725420
1ce41d6a3482778598be8fc7dd6ce703df6099fc19179ad8bf86d512ad0f232b
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1e0048d90172ebbb946617c24a981dbc8a4d585329c16ecd3eeac25d6a0acd58
1edfc18b553353ded6c3c93cb4ecc146d8237545c675ba362501b8cd0533634a
1f679a76fc3e51afef018d771da8d3df5d9c6842b4379d799e81ca22972438ea
20633ffd0839aa4a1f2c78018819714a539e4b7258b121bf554f5b693fcab943
20f49f0db7532ac0db43a8e565d818845e15162ff2d73d0ef03b6d787dfb4430
21f20f84cde9b9bb5d03446360d1909696d9e346bd970e8306a3d0565a82fc82
22d81786f15b35bde59e0ea8903a154056981094b970d6a9480c2c9d2ffe2f20
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63
2a664604e1419e2d44aca4ec63a70e26d9d77dbe885343ddc1bb486e2ed608bb
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b60dbffb3424bcd9013dfd27824cc3390588346d7ae420ac485847b23f0a6d0
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2e25737f747f71bc7b5a29f23c0278aaadf5a2a70ce8c5dbafdcdccdca25e533
357f53c086a955bfd3e19e2b846e7cf8615a6d3416b4572a06f31957afda3a47
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36e299f45673885e6b5d62d38c3b76d863aa2a0b511a2c1327359273380703a0
396d53b9286fa651510b311b1a94c84e67aba276450d334e75893329dab19d7f
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
3bbaaf60e6a2d958384e549e8e7d84da3192fe7932f43438aa4865a098a2c7ca
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d30324efb3494df045b69bd0a84e19d433352853c05d5ee68274b6161359943
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42ffbcd5fae6a0eda00246031330f0c87d21ec4c9451787199c02d49746a3d12
438d50b298a91528388dbfd044a8eb83a456eb3a3e03ad01e96ce94522724e1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
455e6164d16b21e09f02234143bb7f5957831d33c6ec9e2d4e41b167a4f79859
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ccc3c14158e5399f119d8624d63cb18759c66bf2a2237e76b82bc4df89aea44
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f01b16679c83ca467b31820055419a587f86eb4518b4b7add197bea61e8b971
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5035025cc7ae3d7c302310072d53271a1ebdf33669b83081b8a6658f2eb6cb2f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
52d116ed6307a42cebd5bc05e8c0e9ce8f6197a077a227f7cae462fa669aa19c
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c51edafb8aba1426a85eb7e447bc610b540d157d8629af90df62874065f8e3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5933d4bb193c0644d744887fbea71dd29799061f42d1bb3e4630599108587ae0
5ba313b7fa9dd06ba89db2a1f6c6642375203f081bf64563d8571e0ef07a0739
5ca2d0b308aadcf4c4b2cdfed9605be2da920cb5bb897515fe52dbf5e6c26db9
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f3b623c07cc006c4f38ae26cfdc31ed8e344ca57a86670c308e98bf958184c6
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
62b3645c392de532ff7140aa908c975608b68ae273695cfd1f67bf9d81ae009b
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
6586fcb06dd096b64abb602bc66800564691569011681db3f8b0cc59083be81d
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
6612a06782db45df240dcc4c886a1481b5d0c31d7b7a88139e7fc27b046536c1
66849d32bc3bc530db5d7111e5c6cba07d63a6c49b288b4e03ad7a1f480337c9
6733a09bfc852d2a605aa398af37c3b0df6858af45cb4162cbb5f80d15b03a03
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b674af5c6e7fd6fcd8240a61985a008cfbcf76583c12e7eaba284c19e398f6c
6b730edf21a86d294536eabb0a85ae47e9469a13bf44e508902343f3f64121ff
6e1fb131ab4c88c0be1d2f5103fb9348e999a77cb8f31f1e7d6c6729e62463bd
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
736c2d3c83596bc17524d1a9bce892412356d62d1cf2093c3346c6a89172ed94
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
75dc72f6edfcab5e5275c992c7f55f8f1ac3764db858c3d5babd39a7efb01add
76ac3115412586231007ee56ebb1214b6ca1f25c83f01fe2919cae588f125dda
78693f617638dd93eb7434a37d1b06bfbc4765dd09b850f5948aaded63db14de
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
79faae7cce89185fadfe012d9cd154c8ccda2e5d9c171000ef0284f927e11e10
7be34a0d538a57cebcb7648c62003d30426198fc4fe9d0203e5456558e06544f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
7ef92b289510806c5cb30ffb6afc031d276874b28e33f8afa1eba7dbfcc68ead
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
7fc86d2ef8dd26058c4fd2e1f12314d46408a9cc0d5eab9c23ad736ad6fb4d5c
8189b423ab0098619e47b27fad28ed6e28457aadfe234403feb1ae9d21478909
82098b75569948cc99fb49df0a4ec6f6e73a9e4e9b6937db3d8ba4516e281b14
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82fbc67349f866be3e601fea8f13d8827b9ca8c46d2387f2f737b6388a57f64f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833e1b8b18e560524beba005aee4bd36a6a21fd95a0ec607c609e89649f27e2d
83fa53cae084d495d0fca6f09565fb3a9fe370ecffb32fc800bbfea41d4ad9c8
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
85804527fb3534fab3b0ef6db244e65e64b5772ab1a4422e70a884a9b3922027
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
870264d61a39307a5e52ad0a617e6b1f5f9455c58ffee2615d4ea86e549b6805
87eca8f8c44286e6e5620518c550cc3e66cfaf1fa0822ab969c50062c1923f19
881060a5339221b943c81d0087dc08103dc4695c70906bb3346c1336172f7641
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4dee080f66872a34cf59aa79ed9ac9236e0c921b62a15c21de08790158e7bd
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab9b143c1a9f51f38c62db005fb4b49572e4d796f0e74e6b3b56ee41036f954
8aecd453ecab4f8fe3d75b3ee162a5ae60eb75f1a2e96ae77120b5af6d585a19
8b056daff2818b889c6c93476f43a994c87f5f0059892160a71c62ae9eea884f
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8b4124ec14802e257c9c454de76f06cd89cc9cbe0b15e4d4e748dd3375ebd0fa
8c8888e3881253590d4beffc2b0dc90768ac55b054bffbe66e140263d25594c2
8cbf227c1580348e4e511063501bd522bdaf596921965d05dcf405c181271219
8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9
8f471e4e6239c6414b10d6e38e001d5f7a228fe8c79dde4168fce1d335f101f4
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91f4ba84dc2d07b7a3de1ceba71429d81d31b16a9363d3e19bf5430759a2d6f4
947a98b35c2eefb4199f2317b6624b2c99efe3044659996dac2af34e3346d905
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9945f2c0d779c07ea04ec9e4d44c76870191e59e27e971240a1e0a7ebe3bff38
9a1abc1985483e3c1c35c7fc046e12678010e8737461f78ad7128e82cc6fd7ed
9a3d3a4e615b63d4cdee5ce59bb89aefe44094b57df9f693c8c207139a6d8424
9a547c4128d0639e5707d680eeee4cf5ff5cdfed9893dbed7c8ee69fb02ebdff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9de5350e38c51549d56c0d4ad6fb5a9abc41e66cfef4e7a1de2649c410b637a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3c9728730ffd33b100a65dc3ddcaf6632aa1667694acc96c29851c2acd32bb1
a417c2b63129614e58794e89a60c745f608a234439cd2eadf167070084442ee5
a46dd848c076bfbe6e97097adf39d1931317a0a8f6ead76c4cc843be3490ee81
a48f24aa8f29856cbb1616ed9e497074a4306c8f1d1ed47e7253a4a5472aa85b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f8eb491b8b2c7b556d6882cc9321bd23e6fe83bc2b0e93abe72d46b06ef78e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adec382ca36a045ef64cf9635685e4a499976d6bae74bb23a7d1500d74a5499b
b07f5a1999429f79826a2454193403d52131db0eab4dfbd79a38b8d980808ed3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31457d82cc8a6eda395f7cb5eccd3e723dce14ef989f8a80b95464a1794fb0f
b4a763d1b4e03ffed30b88d1ee7fbc36eba020b4268177e8a695add318807f8f
b53a66a4c63c56cd1a904150bbf839b2dd1aaed2a87328e8012fd659069b3bda
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
baae97b99d616b21dccac39f872a4c35501f6ead947cd40cab95a435b378769c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd67da39842af55e0405cfc4ce77f07fa2b88d4bd893495d900bf30fd6e70e6a
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c130a53c2ee07a211e7562f303463b755514397b79f6799acfde02e0d6a03f02
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25bfbbf57399794e2238727d4d7c9d681c86879e54d9950ab92bf0b34c9f7bd
c261147bf4256326fe74979596ca8fb13dae170d9b7586b1edbf7f0bb2fe9cf6
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c66c1e800bb02079a3968537d100001b1db78ae8c35f163d1798f381711c27d8
c720c21c903c566e013764c44eaf1dbd0c81f5a5fbaf4003ebb1458689c6c0b1
c72f1da6ca6e03df8e2b5285682ce61fe90699683c2430b8952968e719442b6b
c7876e4f0365934a69b65c92837015d0961961dc1005630d32e858ec2060eb27
c7f13a6d19a7ac0d6e515879002fe3df6121f8f9b49d6d68015b07835765469e
c853664140e6ba15f2e1e5800cf192893a81e742044e27df50fa3d5c4d357cd2
c94562cf8c1200eda7d0027734bffa0e186d2f563242bead164fb3ceba68cf74
cb657bd1961fa2b4572404d665499f7a3fe903c9ef2b60c3b1c11fa0cac094f5
cc2ef67816be57f7e478d2560f7beba64c98bbfcfac900ee02ad5f468695d8e9
ccde03951d7d2c1a09c1cfddf44fea924fbac79faa2e4bddd01a43ac7a05ed4b
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbaebc48bb4435695bdd56880c4e0931f2fed69d8f4db4be87c229b9463e126
cfca1ce85977c17c1aa43f783eae74c9827df2b6022d05ff4e60e7e3b262f738
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d2946abf27eaca5e23cda23efdf26b2dd3f77da56a6cac5c032a98bff1638d97
d3b48c8c14c7828f31406d94d9d3eb886c43a7beefb3bf7e2b32382d4c81d67d
d3b9d32c29984765d47e9ecfa9f9a0318adda7920b4d8fde67b965a1161b03b7
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d850b578c978624e308887cde7afa3721989c6eb1559de6893396081dc9e926e
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
daddc797c353b28216270baf1ab8cbca500e40868699b2167a5fa0553efdc933
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
de0b0b8be6e7dee9d500f910d0b9d8635c49c7e92f14024b19ba0d872ff8f5aa
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e0e2c7b79aa5da0074ddc394f56c49b18b60ef3728e0bb53ac20724d6cfa23f0
e28500bb610d2011d0b0cdef24277a95b9d73a9795604745f89eb837b42b531c
e2b47f6850e47a047f2dce76569a61df775d7504fe64716ec66af316ab80e489
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e492f583b2d48d263ca81567d34ff377f0ca3ab058aab87518d36261667a3c19
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e70bd440c10e5906797794cb77fa09cede63306250588bce7ed75f466b41884d
e954e99d65d154ca3059d0fbb369689e1897f468ce1c1ad09af09df6ab77ad34
ea825ec9d63d5602e5550f9622c03404df6a1c16d68ec821d49755552b2b90eb
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecc615c1af700a2627151c23e89445793ef608d505d30f156e35237e079262a7
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee1a4962f646187a69bcd2cfef58cfe2770e0ff7b4f658af1188978df66d16cd
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee7405f645b76af37fc0638e77f6b0482019ea6924b8c45751f122ff3ed75d47
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4d95f6b93e43438503cad780dc9055d135e72ebdad20142a460ab523f2414c
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f05c06822b1006eb518f3f04bd36481e3e84c7b41b2c61f33d3e832eaf10f4d7
f113e0743984ad398a7f12b9eb887f51bbf3d399d0a17b9e9d81e4643ff982f9
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f4c48f363103247eb8bf1a1b57c4bcff0944ee24dbd9a32c77ff304f0f64af9c
f5c6555e4ee811a08101c2b9b650ce268ac0866919b607f23635d6dd4a16465a
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b0db93e80409a03e7ad626a8fc83e337afa51ecd565543f6c09231d7d9538e
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f9cf5054354592eaa1b15b0730066d22b155be4f64e24c9f1fa1519786a67156
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbbd7cd3a5c7813105a07ebca16233e6823550e27ae0ef5a4e486ae372651962
fcb4df11cffa363c922ebd2c2dd3882bdb358ff2301287aa130049b3192a8db8
febaeef766f89b12b6bb183eda9765ec606541d7745d34d7a14d2ee6a07c3188
fee943a9dad82106a8ac253ed19352785e2db488595759bfb36e8951bc300dd3