www.bunburymail.com.au Open in urlscan Pro
108.157.4.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://marketing.buscircle.com/acton/ct/43385/s-01e7-2204/Bct/q-0006/l-sg-contact-0002:2113c/ct30_0/1/lu?sid=TV2:TQEMvH0ii
Effective URL:
https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Submission: On April 20 via api (April 20th 2022, 6:14:02 am UTC) from SE — Scanned from DE

Summary HTTP 231 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 70 IPs in 9 countries across 43 domains to perform 231 HTTP transactions. The main IP is 108.157.4.124, located in United States and belongs to AMAZON-02, US. The main domain is www.bunburymail.com.au.
TLS certificate: Issued by Amazon on March 23rd 2022. Valid for: a year.

This is the only time www.bunburymail.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	207.189.124.9 207.189.124.9	13649 (ASN-VINS) (ASN-VINS)
19	108.157.4.124 108.157.4.124	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	108.157.4.48 108.157.4.48	16509 (AMAZON-02) (AMAZON-02)
8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 7	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a0b:4d07:1::1 2a0b:4d07:1::1	44239 (PROINITY ...) (PROINITY PROINITY)
5	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
13	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	34.96.77.232 34.96.77.232	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:c600:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	13.239.102.90 13.239.102.90	16509 (AMAZON-02) (AMAZON-02)
1	54.208.44.81 54.208.44.81	14618 (AMAZON-AES) (AMAZON-AES)
1	18.170.16.189 18.170.16.189	16509 (AMAZON-02) (AMAZON-02)
1	52.208.32.237 52.208.32.237	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3	104.79.89.16 104.79.89.16	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
3 8	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	92.122.144.28 92.122.144.28	16625 (AKAMAI-AS) (AKAMAI-AS)
9	23.35.229.181 23.35.229.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 4	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
2	108.157.4.65 108.157.4.65	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	54.76.30.252 54.76.30.252	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.77 18.66.248.77	16509 (AMAZON-02) (AMAZON-02)
1 3	34.252.59.158 34.252.59.158	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:214... 2600:9000:214f:8200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.117.86.212 34.117.86.212	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.7.13 65.9.7.13	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:224a:3200:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2600:9000:205... 2600:9000:2057:3000:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.220.57.224 3.220.57.224	14618 (AMAZON-AES) (AMAZON-AES)
2	34.98.100.248 34.98.100.248	15169 (GOOGLE) (GOOGLE)
231	70

1 207.189.124.9 (United States) 1 redirects

ASN13649 (ASN-VINS, US)
PTR: forpci11.actonsoftware.com

marketing.buscircle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 108.157.4.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-124.dus51.r.cloudfront.net

www.bunburymail.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-48.dus51.r.cloudfront.net

static.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:1::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com

origami.secure.ownlocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:c600:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.239.102.90 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-239-102-90.ap-southeast-2.compute.amazonaws.com

pixel.roymorgan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.44.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-44-81.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.170.16.189 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-16-189.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.32.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.79.89.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 3 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.144.28 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-144-28.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.50 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-65.dus51.r.cloudfront.net

api.solutionshindsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.30.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-30-252.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-77.dus51.r.cloudfront.net

api.limbik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.252.59.158 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-59-158.eu-west-1.compute.amazonaws.com

secure-au.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:8200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.86.212 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.86.117.34.bc.googleusercontent.com

cdn.streem.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-13.fra56.r.cloudfront.net

sdk.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:3200:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3000:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

fhukaozluvhajqne3jyupatgdlysm1650435236.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.57.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-57-224.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.100.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.100.98.34.bc.googleusercontent.com

plow.streem.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128 pagead2.googlesyndication.com — Cisco Umbrella Rank: 98	152 KB
21	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 ad.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293	317 KB
19	bunburymail.com.au www.bunburymail.com.au	554 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	98 KB
15	moatads.com z.moatads.com — Cisco Umbrella Rank: 390 mb.moatads.com — Cisco Umbrella Rank: 626 geo.moatads.com — Cisco Umbrella Rank: 583 px.moatads.com — Cisco Umbrella Rank: 419	97 KB
14	google.com adservice.google.com — Cisco Umbrella Rank: 77 analytics.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 4 cse.google.com — Cisco Umbrella Rank: 2596 clients1.google.com — Cisco Umbrella Rank: 405	402 KB
12	imrworldwide.com 1 redirects secure-au.imrworldwide.com — Cisco Umbrella Rank: 32877 cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2469 secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1396 secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2255 fhukaozluvhajqne3jyupatgdlysm1650435236.nuid.imrworldwide.com	85 KB
11	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1340 widget-pixels.outbrain.com — Cisco Umbrella Rank: 1633 odb.outbrain.com — Cisco Umbrella Rank: 1512 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5662 mv.outbrain.com — Cisco Umbrella Rank: 3429	115 KB
9	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4320 images.outbrainimg.com — Cisco Umbrella Rank: 2117	477 KB
8	facebook.com 3 redirects www.facebook.com — Cisco Umbrella Rank: 100	503 B
8	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 1448 consumer.krxd.net — Cisco Umbrella Rank: 1852 beacon.krxd.net — Cisco Umbrella Rank: 440	204 KB
7	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 463 as-sec.casalemedia.com — Cisco Umbrella Rank: 1329 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	5 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	58 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	129 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1209 t.teads.tv — Cisco Umbrella Rank: 2548	133 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	198 KB
5	gstatic.com fonts.gstatic.com	78 KB
5	solutionshindsight.net static.solutionshindsight.net — Cisco Umbrella Rank: 27892 api.solutionshindsight.net — Cisco Umbrella Rank: 47429	26 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	4 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7579 www.google.de — Cisco Umbrella Rank: 5383	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	226 KB
3	streem.com.au cdn.streem.com.au — Cisco Umbrella Rank: 893398 plow.streem.com.au — Cisco Umbrella Rank: 787909	14 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 624 syndication.twitter.com — Cisco Umbrella Rank: 891	133 KB
3	survicate.com survey.survicate.com — Cisco Umbrella Rank: 5859 surveys-static.survicate.com — Cisco Umbrella Rank: 9957	101 KB
2	limbik.com api.limbik.com — Cisco Umbrella Rank: 139808	41 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	41 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	73 KB
2	roymorgan.com pixel.roymorgan.com — Cisco Umbrella Rank: 37516	703 B
2	ownlocal.com origami.secure.ownlocal.com — Cisco Umbrella Rank: 68340	14 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 www.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3390	245 B
1	amazonaws.com sdk.amazonaws.com — Cisco Umbrella Rank: 11137	282 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 354	1 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 380	18 KB
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457	122 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 458	1 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1170	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1216	23 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 355	550 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 821	334 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682	70 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 723	35 KB
1	buscircle.com 1 redirects marketing.buscircle.com	533 B
231	43

	Domain	Requested by
19	www.bunburymail.com.au	www.bunburymail.com.au
17	s0.2mdn.net	www.bunburymail.com.au s0.2mdn.net
14	pagead2.googlesyndication.com	0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.bunburymail.com.au www.googletagservices.com
10	tpc.googlesyndication.com	www.bunburymail.com.au 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net
10	px.moatads.com	www.bunburymail.com.au
8	images.outbrainimg.com	www.bunburymail.com.au
8	www.google.com	www.bunburymail.com.au 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
8	www.facebook.com	3 redirects www.bunburymail.com.au connect.facebook.net
8	securepubads.g.doubleclick.net	www.bunburymail.com.au www.googletagservices.com
7	www.google-analytics.com	www.bunburymail.com.au
6	cdn-gl.imrworldwide.com	www.bunburymail.com.au
6	cdn.ampproject.org	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.krxd.net	www.bunburymail.com.au cdn.krxd.net
5	connect.facebook.net	www.bunburymail.com.au
5	widgets.outbrain.com	www.bunburymail.com.au
5	fonts.gstatic.com	fonts.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagmanager.com	www.bunburymail.com.au
3	mcdp-nydc1.outbrain.com	www.bunburymail.com.au
3	stats.g.doubleclick.net	www.bunburymail.com.au www.googletagmanager.com
3	a.teads.tv	www.bunburymail.com.au a.teads.tv
3	z.moatads.com	www.bunburymail.com.au securepubads.g.doubleclick.net
3	static.solutionshindsight.net	www.bunburymail.com.au
2	plow.streem.com.au	www.bunburymail.com.au
2	secure-dcr.imrworldwide.com
2	secure-gl.imrworldwide.com	www.bunburymail.com.au
2	api.limbik.com	www.bunburymail.com.au
2	cse.google.com	www.bunburymail.com.au
2	platform.twitter.com	www.bunburymail.com.au
2	googleads4.g.doubleclick.net	www.bunburymail.com.au
2	api.solutionshindsight.net	www.bunburymail.com.au
2	googleads.g.doubleclick.net	0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	ad.doubleclick.net	1 redirects www.bunburymail.com.au
2	t.teads.tv	www.bunburymail.com.au
2	consumer.krxd.net	www.bunburymail.com.au cdn.krxd.net
2	www.google.de	www.bunburymail.com.au
2	surveys-static.survicate.com	www.bunburymail.com.au
2	cdnjs.cloudflare.com	www.bunburymail.com.au s0.2mdn.net
2	www.googletagservices.com	securepubads.g.doubleclick.net 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
2	pixel.roymorgan.com	www.bunburymail.com.au
2	0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com	www.bunburymail.com.au
2	adservice.google.com	www.bunburymail.com.au
2	adservice.google.de	www.bunburymail.com.au
2	origami.secure.ownlocal.com	www.bunburymail.com.au
1	api.ipify.org	www.bunburymail.com.au
1	fhukaozluvhajqne3jyupatgdlysm1650435236.nuid.imrworldwide.com
1	syndication.twitter.com	platform.twitter.com
1	sdk.amazonaws.com	www.bunburymail.com.au
1	clients1.google.com
1	www.googleapis.com
1	bam-cell.nr-data.net	www.bunburymail.com.au
1	cdn.streem.com.au	www.bunburymail.com.au
1	secure-au.imrworldwide.com	1 redirects
1	beacon.krxd.net	www.bunburymail.com.au
1	js-agent.newrelic.com	www.bunburymail.com.au
1	mv.outbrain.com	www.bunburymail.com.au
1	as-sec.casalemedia.com	www.bunburymail.com.au
1	odb.outbrain.com	www.bunburymail.com.au
1	widget-pixels.outbrain.com	www.bunburymail.com.au
1	tcheck.outbrainimg.com	www.bunburymail.com.au
1	analytics.google.com	www.googletagmanager.com
1	hbopenbid.pubmatic.com	www.bunburymail.com.au
1	htlb.casalemedia.com	www.bunburymail.com.au
1	fastlane.rubiconproject.com	www.bunburymail.com.au
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	ping.chartbeat.net	www.bunburymail.com.au
1	static.chartbeat.com	www.bunburymail.com.au
1	match.adsrvr.org	www.bunburymail.com.au
1	api.rlcdn.com	www.bunburymail.com.au
1	survey.survicate.com	www.bunburymail.com.au
1	maxcdn.bootstrapcdn.com	www.bunburymail.com.au
1	js-sec.indexww.com	www.bunburymail.com.au
1	fonts.googleapis.com	www.bunburymail.com.au
1	marketing.buscircle.com	1 redirects
231	77

This site contains links to these domains. Also see Links.

Domain
hiring.bunburymail.com.au
addirect.com.au
tributes.bunburymail.com.au
celebrations.bunburymail.com.au
www.countrycars.com.au
www.realestateview.com.au
www.agtrader.com.au
garagesales.acmcloud.io
www.australiancoupons.com.au
www.facebook.com
twitter.com
www.outbrain.com
pro-verbraucher.info
www.perfekterkoerper.com
stars-and-stories.com
versicherung.dentolo.de
quiz-lounge.com
www.exploretravel.com.au
viewinsurance.com.au
www.beevo.com.au
whizz.com.au

Subject Issuer	Validity	Valid
bunburymail.com.au Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
solutionshindsight.net Amazon	`2022-01-20` - `2023-02-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-27` - `2022-04-27`	3 months	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-10-02`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
widget.secure.ownlocal.com GTS CA 1D4	`2022-03-07` - `2022-06-05`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
pixel.roymorgan.com Go Daddy Secure Certificate Authority - G2	`2021-09-29` - `2022-10-31`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
limbik.com Amazon	`2021-05-07` - `2022-06-05`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
cdn.streem.com.au GTS CA 1D4	`2022-02-28` - `2022-05-29`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
sdk.amazonaws.com Amazon	`2021-08-25` - `2022-09-23`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
plow.streem.com.au GTS CA 1D4	`2022-04-18` - `2022-07-17`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Frame ID: 4A11FB4ECB3841867C3EBBCDFB72ED35
Requests: 152 HTTP requests in this frame

Frame: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E37D371506D33B67483648214DAD6A39
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 1D7A25C3C51069CD911F56E3DCC8FA29
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTnPD_vwZ_Xc22STQbxrjaYrbqBiZFoQWUnHFuSL4_qIQCKXImisJvlIblml8UCsBDGfrDNw1-E-utjXilAQOlhr81Sr_cC4zMsmAcGO3Qq2QbNvqvENDB7QVrqfydX9GX-zF95d9PksSet3jRDbvyIme2fgFaRNZFuqTsVkljENy8X7JytwHk1nL1BkIfdNjClmloVTJu_-uk-Kp3JnGENUsXOAq3zno34smNDoJzMEUUwIyxoLKezpT_c5k9J5j74vWpCbHNQ8yXN3iD3in8kjLICg_zxQmH7KV9y0xZlaWU13KIxtBRi0pbnvYPXzXd46xyjwUEXOZR4YWIskriQ55K&sai=AMfl-YRHizcITPp_-1X_Gcc2XnHW27cKBxJufdl4crggf_L3mwOwcoSy2H3jW0UgZlfjBDi823Pvuec7hYmREW1MK-UrVqYoBc8Sb2RzSf0j7d6Rczzx7k7rREEQsFbQYYcs&sig=Cg0ArKJSzBU3fXl7eBrdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B35C107F29CC9EA45D687E7C8F9A7ADF
Requests: 11 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: DE0C32895AAB8925FA49311EF1E109D0
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 14FCDD0383D0EE742AAAE618B6D2C3E1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: D9C08612CF90AD46E789EF297D18CB5F
Requests: 14 HTTP requests in this frame

Frame: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3CE6008E3499F10F6C1B8AB9685468CF
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhju54jGATAB&v=APEucNX8kIGFf2t4RTKlgZmgS4VHsWxshsgqLCHm7xfReBMPF9jovYbE-OPZrOS-WaktfxsHitaxi6PgJUQRAm4nvTGDsqSYKWrDHK6cSRAjDACIweJScVy5UCZwii80Qcs-JiI82ScLPXtekE2ToXHJvbT8xPSpup3wovWOvQDmMbBc_NdcVmA
Frame ID: 1CCE50B4A5047F5011D9D2B10163B654
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
Frame ID: 438CE9BEE45BE6CA8BE5BC280F572495
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9A3BC83A910FDD1A5D7A4B3BB6D90C5D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Frame ID: FFADF2806D1D311E01F71A667D94372F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2FCA700FC02726AF62A19D471509CD8D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4397CDADB14E5CE5311B87AB5657FE0E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e3553c089527%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D610%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
Frame ID: FDBB9E592A0EA31417B473CFDA85A2F6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df24dc799d48504%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
Frame ID: 559295931DF01D40D3A01D31DB7857F2
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.bunburymail.com.au
Frame ID: 3C7C57AA20E7E02CECF5BC9E4DE6AADF
Requests: 2 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: 0844F622A10F987F9338007310DD4902
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 940963FF0609DD614FB73C99E571F49D
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df66d2df1269748%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
Frame ID: 20D974894B3AF12EE197AEFFBE5FAFBB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Employers urged to embrace hybrid working | Bunbury Mail | Bunbury, WA search

Page URL History Show full URLs

https://marketing.buscircle.com/acton/ct/43385/s-01e7-2204/Bct/q-0006/l-sg-contact-0002:2113c/ct30_0/1/lu?si... HTTP 302
https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12 Page URL

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

231
Requests

97 %
HTTPS

46 %
IPv6

43
Domains

77
Subdomains

70
IPs

9
Countries

4203 kB
Transfer

12485 kB
Size

31
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://hiring.bunburymail.com.au/
Title: Place a Job Ad

Search URL Search Domain Scan URL

URL: https://addirect.com.au/
Title: Place a Classifieds Ad

Search URL Search Domain Scan URL

URL: https://tributes.bunburymail.com.au/obituaries/bunburymail-au
Title: Tributes

Search URL Search Domain Scan URL

URL: https://celebrations.bunburymail.com.au/celebration/bunburymail-au/
Title: Celebrations

Search URL Search Domain Scan URL

URL: http://www.countrycars.com.au/
Title: Cars

Search URL Search Domain Scan URL

URL: https://www.realestateview.com.au/real-estate/wa/bunbury/homes-for-sale
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.agtrader.com.au/search/wa--southern?utm_source=bunburymail.com.au&utm_medium=classifieds&utm_campaign=regionals
Title: Ag and Rural

Search URL Search Domain Scan URL

URL: https://garagesales.acmcloud.io/?lat=-33.340354&lng=115.633637
Title: Garage Sales

Search URL Search Domain Scan URL

URL: https://www.australiancoupons.com.au/
Title: Discount Codes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/&text=Employers%20urged%20to%20embrace%20hybrid%20working&via=BunburyMail

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/zez-l2t-b-ob/?ob_clickid=$ob_click_id$&utm_source=outbrain&utm_medium=display&utm_campaign=004f4cb94fe3b203cf4203491e35912660&utm_term=$publisher_name$_$section_name$&utm_content=Diesen+Trick+verheimlichen+Krankenkassen%3A+Kostenloser+Zahnersatz&obOrigUrl=true
Title: Promoted Diesen Trick verheimlichen Krankenkassen: Kostenloser Zahnersatz Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://www.perfekterkoerper.com/landings/liver-complex/3/ob/?utm_source=outbrain&utm_medium=$publisher_id$&utm_campaign=00509de8e6a0e3b8e4ad49045ac7ef0e88&utm_content=00ec59f086a553d20878de3a79ab282842&utm_term=$section_id$&native_campaign=Product:LC_Page:DE_Landing:P3_Device:Desktop_Creative:W_Copy:Dec21_Type:AUTO_MaxCPA:50_Price:49.9_Date:14.2.2022_Agent:Jan_Doctor:Majic_Opombe:&refferalid=004&obOrigUrl=true
Title: Promoted Die Hauptursache für Bauchfett. Achtung: Es sind nicht die Kalorien Perfekter Körper

Search URL Search Domain Scan URL

URL: https://stars-and-stories.com/beitrag-11-4?obOrigUrl=true
Title: Promoted Fast immer ausverkauft: Ganz Deutschland jagt Veronas Testsieger Creme Stars & Stories

Search URL Search Domain Scan URL

URL: https://versicherung.dentolo.de/comparison-native/?utm_source=outbrain&utm_medium=display&utm_campaign=00d606db179c8a280d1ad4f63923f85b95&utm_content=0042aefd7516d61d3bcbf62519b5757b3a&source=out_comparearticle_content&utm_term=$section_id$&tbclid=$ob_click_id$&title=Zahnimplantate+zu+teuer%3F+Nicht%2C+mit+diesem+Trick&obOrigUrl=true
Title: Promoted Zahnimplantate zu teuer? Nicht, mit diesem Trick Zahnzusatzversicherung 2022

Search URL Search Domain Scan URL

URL: https://quiz-lounge.com/Der-Fuehrerscheintest-Wer-hat-Vorfahrt-a57896.html?utm_source=Outbrain&utm_medium=Discovery&utm_content=Welches+Auto+hat+Vorfahrt%3F+80%25+antworten+falsch%21&utm_term=$publisher_name$_$section_name$&obOrigUrl=true
Title: Promoted Welches Auto hat Vorfahrt? 80% antworten falsch! Quiz Lounge

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/Bunbury-Australia/Bunbury-Mail/249784282359
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/BunburyMail
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.realestateview.com.au/
Title: Real Estate View

Search URL Search Domain Scan URL

URL: https://www.exploretravel.com.au/
Title: Explore

Search URL Search Domain Scan URL

URL: https://viewinsurance.com.au/
Title: View Insurance

Search URL Search Domain Scan URL

URL: https://www.beevo.com.au/
Title: Beevo

Search URL Search Domain Scan URL

URL: https://www.countrycars.com.au/
Title: Cars

Search URL Search Domain Scan URL

URL: https://whizz.com.au/
Title: Whizz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://marketing.buscircle.com/acton/ct/43385/s-01e7-2204/Bct/q-0006/l-sg-contact-0002:2113c/ct30_0/1/lu?sid=TV2:TQEMvH0ii HTTP 302
https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=1325236974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_pre=CJroyq_-ofcCFVKLdwodlkoHhQ;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=1325236974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1&C=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl.ko.qxR74t7yU.isv5RwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1&google_hm=2

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOOFH6Z4lRETHRVxvc_iUds&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOOFH6Z4lRETHRVxvc_iUds%26google_cver%3D1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyMTA0NDMxMjYzOTQzNjE5OA%3D%3D

Request Chain 190

https://secure-au.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 216

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e3553c089527%26domain%3Dwww.bunburymail.com.au%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bunburymail.com.au%252Ff29a56727393b34%26relation%3Dparent.parent&container_width=610&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FBunbury-Australia%2FBunbury-Mail%2F249784282359&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e3553c089527%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D610%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Request Chain 217

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24dc799d48504%26domain%3Dwww.bunburymail.com.au%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bunburymail.com.au%252Ff29a56727393b34%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FBunbury-Australia%2FBunbury-Mail%2F249784282359&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df24dc799d48504%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Request Chain 228

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df66d2df1269748%26domain%3Dwww.bunburymail.com.au%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.bunburymail.com.au%252Ff29a56727393b34%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FBunbury-Australia%2FBunbury-Mail%2F249784282359&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df66d2df1269748%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

231 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/
Redirect Chain

https://marketing.buscircle.com/acton/ct/43385/s-01e7-2204/Bct/q-0006/l-sg-contact-0002:2113c/ct30_0/1/lu?sid=TV2:TQEMvH0ii
https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

114 KB
30 KB

761ms
330ms

Document
text/html

108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-124.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

a9a2ea9b71197c5f55e1549e2f7bffe76bcc29af8fe0c7914a4a2f814a27d2c4

Security Headers

Name	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: child-src * blob:
content-type: text/html; charset=utf-8
date: Wed, 20 Apr 2022 06:13:53 GMT
last-modified: Wed, 20 Apr 2022 06:13:47 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent,Cookie,Origin
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-amz-cf-id: whMunf1-9J7EvNmAF8cdsyuX5-fpVguN7AvrqhPxA8wUGVOE5tOfSA==
x-amz-cf-pop: DUS51-P2
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 20 Apr 2022 06:13:52 GMT
Keep-Alive: timeout=10
Location: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Strict-Transport-Security: max-age=16070400

GET
H2 200 base.css
www.bunburymail.com.au/static/1650328207/legolite/css/ 186 KB
34 KB 25ms
23ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/base.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 66fc96e9da69fb6dc010c59603c13e25a21db557b32afa5ae065108ec0e510ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:31 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 442
etag: W/"625e028f-2e786"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: TY8Z9qAzgWjl2_TmKYuE_zeJDT4dpjJVkMPKgKKA5INvoUOvBCIyfg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.css
www.bunburymail.com.au/static/1650328207/legolite/css/ 68 KB
12 KB 22ms
20ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/desktop.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5133f0eac95271b119957cb2b775b64c2591bd07fc1af3550f6e0671d3283d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:31 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 442
etag: W/"625e028f-10e68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ZcJewsqUalJEAr506J-WhWcdzTWbB120dZYfvfyKpWFy1VsiNtM1zQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masthead-tablet.css
www.bunburymail.com.au/static/1650328207/legolite/css/vendor/ 214 KB
42 KB 38ms
37ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/vendor/masthead-tablet.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: db467146b71336f602c1f73aa38765ea43c3c1f3cded095a1389665e640af4b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:30 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 442
etag: W/"625e028f-356a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: r33Y4PvNTLjreUXbo4Norwzt_WBAwcZtfS0REiXzyA0eGg8eErr68w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons.css
www.bunburymail.com.au/static/1650328207/legolite/css/masthead/ 247 KB
53 KB 33ms
32ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/masthead/icons.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6f1f9ec4e2325dd79fe242e37ecbe16b2f35229e06e56db19552e82ed0168c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:31 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 442
etag: W/"625e028f-3dccc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: QhcSCVxIQN5K6mfZPMQIgbfQNHdqVUvZKyODmPMTX02Db5BJM8t4Kw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masthead-skin-canberratimes.css
www.bunburymail.com.au/static/1650328207/legolite/css/vendor/ 2 KB
903 B 23ms
21ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/vendor/masthead-skin-canberratimes.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 80f16f6cc6ad09222b82ead9d638ce890ccebcf88a91984d9527b0537b48d524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:31 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 442
etag: W/"625e028f-708"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: yVpxVSImjLyeyBLZFjECqZIafm_hg8jJyY20oIt6ep9cak4fWE3MnA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 legolite.css
www.bunburymail.com.au/static/1650328207/legolite/css/ 62 KB
13 KB 29ms
28ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/legolite.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5b1d5e1814ff545214df01acbe67b26df8bde70575ac0bd272433c838791b535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:31 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 442
etag: W/"625e028f-f791"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: WGirEH2705liTKZ5NyOlpCQ0zhE5l1zDJQZQBN5L3oaCTT0HTPKQkA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 44ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5398492ba71b1db434c6dcc2a42743e0a4d4da01a83766e94f8930b7953027ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 06:13:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Apr 2022 06:13:53 GMT

GET
H2 200 teju-webclient.min.js Show response
static.solutionshindsight.net/teju-webclient/ 77 KB
24 KB 46ms
11ms Script
application/javascript 108.157.4.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f1828064e1094da107203d0cd2b5fed8a387c6d438a1903b4aa71f2232be226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:11:20 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 16:45:06 GMT
server: AmazonS3
age: 154
etag: "ec77d10a1219593dc020e85a0ee921a3"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 24207
x-amz-cf-id: sXHTYlwVFs8amRMe0TIIZpczVGwklDM61mu5kMGIi5kq3QjW77Gvug==

GET
H2 200 masthead-main.png
www.bunburymail.com.au/static/1650328207/sites/bunbury-mail/images/masthead/ 15 KB
15 KB 90ms
88ms Image
image/png 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bunburymail.com.au/static/1650328207/sites/bunbury-mail/images/masthead/masthead-main.png
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 98dde543eb20ec2cdf516a9eb7a9ab576a1f3d6de83f72a7ef46f139e1ef13e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:32 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 441
etag: "625e028f-3bb3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 15283
x-amz-cf-id: -lQo3cEqx8OnqGfKqwE1F7uwiiS215mpCucfARiBZuqAhM5Gc5ncQg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 r0_0_800_600_w1200_h678_fmax.jpg
www.bunburymail.com.au/images/transform/v1/crop/frm/silverstone-feed-data/b2f2bdb3-324c-458f-ae6c-7b37d675fe68.jpg/ 70 KB
71 KB 55ms
53ms Image
image/jpeg 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bunburymail.com.au/images/transform/v1/crop/frm/silverstone-feed-data/b2f2bdb3-324c-458f-ae6c-7b37d675fe68.jpg/r0_0_800_600_w1200_h678_fmax.jpg
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 21e44cf4e4be86fff7059242b352bafc262cda37d5902c403981d2768152e7cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:30:50 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified: Mon, 28 Mar 2022 16:46:05 GMT
server: nginx
age: 121383
etag: "7d1bc9012edfa6ba546261023ba41e31"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-P2
x-transform-stats: ft:0.062 tt:0.001
content-length: 72028
x-amz-cf-id: cClWZaprc6BgKUaaU1a4TdIgRILLs1RaBQs45tGF8t4mVI_fNT4CeQ==

GET
H2 200 spinner.gif
www.bunburymail.com.au/static/1650328207/images/ 2 KB
2 KB 58ms
57ms Image
image/gif 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bunburymail.com.au/static/1650328207/images/spinner.gif
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:32 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 441
etag: "625e028f-739"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 1849
x-amz-cf-id: oednP5Dm3Cx6MExlfVh2czoVgQ1MUgbmYTc34Izab7x4aPwH1Uwcnw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masthead-alt.png
www.bunburymail.com.au/static/1650328207/sites/bunbury-mail/images/masthead/ 7 KB
7 KB 104ms
103ms Image
image/png 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bunburymail.com.au/static/1650328207/sites/bunbury-mail/images/masthead/masthead-alt.png
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 3fd71f5e1b6d4dbfa202669bbc69f8065462802b01b7a438518f1c5e3ff9547a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:32 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 442
etag: "625e028f-1b47"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 6983
x-amz-cf-id: HDskblkbw-Klw0vHat7_x7chJVZdSo11TYesc2GpJa3S6JuiJaJnew==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendor.js Show response
www.bunburymail.com.au/static/1650328207/legolite/js/ 408 KB
129 KB 36ms
36ms Script
application/javascript 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/js/vendor.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e75899d5aa4ae5a6c117092f2979096d115e2baef29137be856f473aba45d8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:31 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 442
etag: W/"625e028f-65e57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: LuX0OlWXicQtaznS2JvLgQZ8_RKejyFdQ0FqT5HFVxno4S4oB75eMg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.js Show response
www.bunburymail.com.au/static/1650328207/legolite/js/ 231 KB
66 KB 37ms
36ms Script
application/javascript 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/js/app.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 21d213c9eb95ea5a13b575d72f101fda45ab6413596423662e4933c3e6f8e3aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:31 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 442
etag: W/"625e028f-39a40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ejsKwtNFzriievTzFV5ICZT-a1S_qYqGqpkoU4LgYQgLq3H6rbX0KQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 136ms
67ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

a1f770e5189bda45f48850960cf778982b4dbc71e8a572724d961c7a786823b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28514
x-xss-protection: 0
server: sffe
etag: "1191 / 929 of 1000 / last-modified: 1650405960"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H/1.1 200
OK 186432-278594325649166.js Show response
js-sec.indexww.com/ht/p/ 113 KB
35 KB 187ms
44ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186432-278594325649166.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 84090c263e0f79c47ea50c29ad48d787a88b729b9afaac719393065918f459c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Apr 2022 05:25:30 GMT
Server: Apache
ETag: "904ada-1c421-5dd0f38c3ce67"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=931
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 35007
Expires: Wed, 20 Apr 2022 06:29:25 GMT

GET
H2 200 mobile.css
www.bunburymail.com.au/static/1650328207/legolite/css/ 85 KB
15 KB 101ms
100ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/mobile.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5ea13c23b63db24ff053b28f2ea7309ab98230d14479cf23f1a84fc12cadac38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:32 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 441
etag: W/"625e028f-153b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: mXNu_trZ8poTVN6YnUsiX0WcDTzSpRrggRJbFGUiOXZiREtKlMfZ4Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tablet.css
www.bunburymail.com.au/static/1650328207/legolite/css/ 71 KB
13 KB 91ms
90ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/tablet.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b003d841f1cbfd8defb000569a4d2e00d8c6b52c1e4e52fb20ec1d740c974f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:32 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 441
etag: W/"625e028f-11beb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: TxcVayNTnj0RtI9Z1Asmei18hGYvXGx9MPS0UK3UgFGqRhKp6pPXFQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tablet-landscape.css
www.bunburymail.com.au/static/1650328207/legolite/css/ 70 KB
13 KB 96ms
95ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/tablet-landscape.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6b94468447d78653525d753177d44791f13e0520dfad5042b12cbf96011d7227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:32 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 441
etag: W/"625e028f-116bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: tpbmE9aJuznNjJlTkN16XYqCmNsyBFg8NOx2a_vZycEU4wxW47mjyA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masthead-mobile.css
www.bunburymail.com.au/static/1650328207/legolite/css/vendor/ 185 KB
37 KB 92ms
91ms Stylesheet
text/css 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/vendor/masthead-mobile.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-124.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: d2f1aee1a9cd7957dea20305e185de71cc8b5b36c3652e93b658ccde0dcb5c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:06:32 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 00:30:07 GMT
server: nginx
age: 441
etag: W/"625e028f-2e356"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=315360000, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 6GbOFEYqAkAXBMC5Q31j5LCluzO221yYg4ADTvQs0PEazPiz7Gkx4g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 333 KB
89 KB 129ms
59ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KPMZ4JM

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1de5da3906898af32b1d914048c6df2c1cba2c756a4ba72dcb4308dd02e12cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90195
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 135ms
45ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 21:33:16 GMT
x-content-type-options: nosniff
age: 549638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 21:33:16 GMT

GET
DATA 200
OK truncated
/ 698 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 495a25bc34fa5587f34b986afa47450cfcf14a44e75702f77986d872f38ffc3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3cf517b81c423745f3492c52555abc85cbc7798d721b333f1d2a87e794cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 164ms
86ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 562224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 18:03:30 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 147ms
70ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 18:04:09 GMT
x-content-type-options: nosniff
age: 562185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 18:04:09 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 198 KB
69 KB 817ms
617ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f067779c6d65d088018e6153072088c335c178a4bf4a3398b1faee6c8e291a87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 11:27:59 GMT
etag: "16-jhDeXsoVgJDzWyH4dCpIvcheDPQ"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: ce287cb3fba3990c0d8eb055d90e8f2d
timing-allow-origin: *, *

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 154ms
102ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 21:34:14 GMT
x-content-type-options: nosniff
age: 549580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 21:34:14 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
70 KB 191ms
64ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/static/1650328207/legolite/css/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bunburymail.com.au/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 21:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70728
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: daa0f02867305e0e1ca54cb465680525
accept-ranges: bytes
cf-ray: 6febbc957f2323df-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v23/ 12 KB
13 KB 151ms
100ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,600,700|Montserrat:700|Source+Sans+Pro:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7567ab4fbd2c87002df2af4eb0199cc67f27b6c53135c6928ee893173f3a48f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 01:25:19 GMT
x-content-type-options: nosniff
age: 449315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12776
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 01:25:19 GMT

GET
DATA 200
OK truncated
/ 346 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 404b904f1d21059e43c8d5a2a5588c301310a2df08ba601c99096454277455a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 488 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e63ce2cd90b5a7afcd2d6f962083c887bcf442c46987aaf5ba719ca23591881

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b906fc46b61702ca44065496615da1c589eed624c4ddaf7862f1bd9fd8ab22c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34604ba39b93517852a6a2239fca2a8ef5454ef608d91dfdba2413a5c03c9ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 278 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4abe9cdc849179867d36f46e63d86bfad9f88012a023889526f75df42ebcd8bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 pubads_impl_2022041301.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 29ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125956
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 08:34:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Apr 2023 22:36:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
115 B 72ms
39ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bunburymail.com.au

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

cb9379e97b59dc280578ef82284d5fabe2d798ca624c4169dff8b6727afc556f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 96 KB
37 KB 53ms
16ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-T2NBD8D

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c0f46cbb80e6fe12b40e49ecd795911837061ee091386648b197d7011e9d563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37851
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 41ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: dZclEuQT3MGVVqthZE4PeiXwDyiIsbhxBEoGB7FswFnpERHvpTHAL/IPGpoV0h1ZWIS8H5oY8zgQiVKdpd3MoQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 20 Apr 2022 06:13:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 42ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7003
date: Wed, 20 Apr 2022 04:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 20 Apr 2022 06:17:11 GMT

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/94912c09593f641e7067418aaecb8def/ 27 KB
5 KB 194ms
111ms Script
text/javascript 2a0b:4d07:1::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/94912c09593f641e7067418aaecb8def/web_surveys.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:1::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e447616904a793ce8ee1467f09127bfc8f0f2e0808beaeb816e7d171331150c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 02:29:53 GMT
server: keycdn-engine
x-amz-request-id: 769ZAF2METPX0A8Z
x-edge-location: defr
etag: W/"f7048d4da7d241d038a0311039915562"
x-cache: REVALIDATED
x-amz-version-id: DwoXkzIJM_.s_vmg8VXQth2AxAWdGUgd
access-control-allow-origin: *
cache-control: max-age=10
content-type: text/javascript
x-amz-id-2: Q9GP/k8xE9dXaG+CJritwmcgjGp5UzduRI8X5bNHa2ifAA4cSOjf84E2hHJYgBrsc8C85M+WmEM=

GET
H2 200 snxj6l9wj.js Show response
cdn.krxd.net/controltag/ 57 KB
18 KB 56ms
8ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d9b7f18672377ecefa3d899825b376e38ae295ca7325b1b51cfa715a38b267b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 20 Apr 2022 06:13:54 GMT
via: 1.1 varnish, 1.1 varnish
age: 261
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 18058
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kcgs7200047-IAD, cache-hhn4034-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1650435234.270262,VS0,VE1
etag: "bdf559e0b7669449d31a67b40b05e7f08f8c7701"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 moatheader.js Show response
z.moatads.com/acmheader706032617774/ 255 KB
88 KB 68ms
16ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/acmheader706032617774/moatheader.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 70fbf13b7e78b769a618e595d9add29172e4b149b3988a5d35b75dcde514d44b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 16:09:36 GMT
server: AmazonS3
x-amz-request-id: V75VMN0VA6EMYVVB
etag: "84ada4133c7e94ce7b6e276baec7367b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=17849
accept-ranges: bytes
content-length: 89339
x-amz-id-2: odPIBMegkL6MI8d7fy9LHjtrAU6LwKyolgLgXHg6dKcuqyqCdiJ0umHpmW4YZkJVBPgXjf6OGsU=

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
334 B 51ms
18ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.bunburymail.com.au
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
550 B 105ms
31ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186432
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: f9ded48ca70a7c033c5cf8bee7919077218d8da5b9452eb4bfb36a3fc46661ad

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bunburymail.com.au
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 20 May 2022 06:13:54 GMT

GET
H2 200 origami-widget.js Show response
origami.secure.ownlocal.com/ 13 KB
14 KB 98ms
7ms Script
application/javascript 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://origami.secure.ownlocal.com/origami-widget.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.77.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 06:19:08 GMT
age: 86086
x-guploader-uploadid: ADPycduD3Xeb7je5wymkDExue8ovLTBymzEwFiEB7NUeqzZYGlCfzRIOhLn2K0nJ8VDJrn5_PICwlY6U9lEqP7dIyL90iNKOqTZ_
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13289
last-modified: Mon, 19 Oct 2020 18:40:43 GMT
server: UploadServer
etag: "f5183a07384a657e61aaaeba0fc72448"
x-goog-hash: crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
x-goog-generation: 1603132843078573
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 13289
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 20 Apr 2022 06:19:08 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 68 KB
23 KB 63ms
12ms Script
application/x-javascript 2600:9000:2315:c600:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:c600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 39ce831c2d42884a6bc694df10253f7d52b9e6c18c9e92b7ee5b00ba7ad0c14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:11:05 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 00:10:52 GMT
server: nginx
age: 169
etag: W/"625f4f8c-110d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: c7OxsXYlxZ1cITAuKEstOjgHOVe9nljPoHa0X9C6EaS4K-40E8Mnog==
expires: Wed, 20 Apr 2022 08:11:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 43ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bunburymail.com.au

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bunburymail.com.au

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
11 KB 68ms
67ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

bdd7e17fcbd2d9a275ec8ffbca29f2af5eb51223697d35e7214640b90ef33183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11211
x-xss-protection: 0
google-lineitem-id: 4877223536,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138252499898,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bunburymail.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E37D 6 KB
4 KB 52ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:54 GMT
expires: Thu, 20 Apr 2023 06:13:54 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 467 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6108edbc1f5214af071c67c83109f7537844742f184c70e53eec990a9ee531d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Tress.php Show response
pixel.roymorgan.com/stats_v2/ 0
352 B 957ms
278ms Script
text/javascript 13.239.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.roymorgan.com/stats_v2/Tress.php?u=cvcyowszle&ca=20005452&a=ag9gg094&cb=1650435234342

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.239.102.90 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-239-102-90.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
content-encoding: none
x-content-type-options: nosniff
server: Apache
x-powered-by: PHP/7.1.33
x-cache: MISS from pixel.roymorgan.com
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store
content-length: 0

GET
H2 200 / Show response
www.bunburymail.com.au/promotions/website_content_esov/ 13 B
437 B 324ms
324ms XHR
application/json 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bunburymail.com.au/promotions/website_content_esov/?view_type=STORY&limit=3&_=1650435234076

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-124.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

eeb85c2675888473ec64b7580aa0c76c6fd6b2bd51828870286ef202ad89dae2

Security Headers

Name	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
X-NewRelic-ID: XAADWFRTGwoIV1NSAAQE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Response headers

content-security-policy: child-src * blob:
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: DUS51-P2
date: Wed, 20 Apr 2022 06:13:54 GMT
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
vary: Cookie,Origin
content-length: 13
x-amz-cf-id: INCMex-fJf8xUqeBwxCa3NB-hpOeZv5JTWE2q59DwVaD0F1zyAAxtQ==
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42bdbdbda85dbbc06e94cf5488f75f516f94e6559641fc273045ab0b26cbf067

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 controltag.js.f5d7048d3841bccb4f5d92333c20b066 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 8ms
7ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
age: 1620690
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1334644
content-length: 84741
x-served-by: cache-hhn4034-HHN
last-modified: Fri, 01 Apr 2022 11:47:20 GMT
x-timer: S1650435234.361557,VS0,VE0
etag: "f5d7048d3841bccb4f5d92333c20b066"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Mon, 29 Mar 2032 11:47:19 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 28ms
10ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:42:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Apr 2022 06:42:44 GMT

GET
H3 200 212556246621990 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 90ms
79ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/212556246621990?v=2.9.57&r=stable

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a0e1613fe6d7a573512793140e18b12e2deab996d0f03f186a6b3a15153728b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Q4PMXisvZDyXMbHd6f/GwvBlqw3wRG+kugGg3O7cAf2jIOTVCqy3WOpDEsVIunUTuNCaLUhNrh/IxCyS1UARvQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 20 Apr 2022 06:13:54 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 35ms
19ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7PC84FGF0J&l=dataLayer&cx=c

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbd235c6a0e9016a2a4e97a56229a30942117da92628bf7a0c24fb3a5b5b9ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69286
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 292ms
95ms Image
image/gif 54.208.44.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bunburymail.com.au&p=%2Fstory%2F7677050%2F&u=DCWrJxBrdSmDCF4Qyk&d=bunburymail.com.au&g=66019&g0=national%2Cnews%2Cstory&g1=Marion%20Rae&n=1&f=00001&c=0&x=0&m=0&y=2978&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1867&t=DcULEuD28_RFD0GVaJzl138DZsOga&V=132&i=Employers%20urged%20to%20embrace%20hybrid%20working&tz=0&sn=1&sv=BvX1e3BJ97wfyzu41mabNcDb2qcL&sd=1&im=06630ef0&_
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-44-81.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 311 B
486 B 144ms
44ms Script
text/html 18.170.16.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4azsEZ7JWWiCEpP%2F6puplsC0%3D&rs=1-HTLzQ%2BKASm48Xw%3D%3D&sc=1&os=1-MA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&pcode=acmheader706032617774&rx=120082439039&callback=MoatNadoAllJsonpRequest_40602751
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/acmheader706032617774/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.16.189 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-16-189.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: caad48abaa3ee24e32068478cdb04c6bca7e1e140068295cdb5bb6c22a456663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "6e08f7d03bd51452fc32c423d74509e7720c049b"
content-length: 311
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 100 B
276 B 143ms
38ms Script
text/html 52.208.32.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4azsEZ7JWWiCEpP%2F6puplsC0%3D&rs=1-HTLzQ%2BKASm48Xw%3D%3D&sc=1&os=1-MA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=ACM_HEADER1&hp=1&wf=1&sgs=3&vb=2&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1650435234390&de=126646547158&rx=120082439039&m=0&ar=bee2df476bf-clean&iw=0bc3758&q=1&cb=0&cu=1650435234390&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A1469%3A1469%3A0%3A1782&fs=198121&na=1574005573&cs=0&callback=MoatDataJsonpRequest_40602751
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/acmheader706032617774/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.32.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-32-237.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: bc943dbb3fd97cb79984703e5585d260066797ffbf821d874511c3ecaf1d4c85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "4093729d49f0962eca3aa6445f8798e78fa9f6d8"
content-length: 100
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 1D7A 1 KB
2 KB 14ms
13ms Document
text/html 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=1905
content-length: 1374
content-type: text/html
date: Wed, 20 Apr 2022 06:13:54 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-amz-id-2: bLl72GtpcxM8rSKIodQlKgK0BRPdEbxIV8PPGYh9PcLqpR363i0Z1TjhY7+mRyWYYTxnhPRiG5Y=
x-amz-request-id: A3423FE5772816F0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 169ms
88ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19530&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&p_screen_res=1600x1200&site_id=225350&zone_id=1105710&kw=rp.fastlane&tk_flint=index&rand=0.057092085529405256&alt_size_ids=10
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 97e6cb1fdafffeb910b83f05480aa133ba545beca77ba4316fd197995395cf55

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:54 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bunburymail.com.au
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
415 B 41ms
13ms XHR
text/javascript 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=245847&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2271131268%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22249389%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22249388%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22249390%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22249391%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2232e18028-6796-467a-a936-9ae4e2d33b7e%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-04-20T06%3A13%3A54%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ac599cab7a6a51e6e395574068dd128024e576e2647eb57a3123eed0c051143d

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.5], XFF:[]
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.bunburymail.com.au
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 96
x-ak-client-geo: 12
expires: Wed, 20 Apr 2022 06:13:54 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
122 B 736ms
238ms XHR
text/plain 204.237.133.116
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bunburymail.com.au
date: Wed, 20 Apr 2022 06:13:55 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B35C 0
0 41ms
41ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTnPD_vwZ_Xc22STQbxrjaYrbqBiZFoQWUnHFuSL4_qIQCKXImisJvlIblml8UCsBDGfrDNw1-E-utjXilAQOlhr81Sr_cC4zMsmAcGO3Qq2QbNvqvENDB7QVrqfydX9GX-zF95d9PksSet3jRDbvyIme2fgFaRNZFuqTsVkljENy8X7JytwHk1nL1BkIfdNjClmloVTJu_-uk-Kp3JnGENUsXOAq3zno34smNDoJzMEUUwIyxoLKezpT_c5k9J5j74vWpCbHNQ8yXN3iD3in8kjLICg_zxQmH7KV9y0xZlaWU13KIxtBRi0pbnvYPXzXd46xyjwUEXOZR4YWIskriQ55K&sai=AMfl-YRHizcITPp_-1X_Gcc2XnHW27cKBxJufdl4crggf_L3mwOwcoSy2H3jW0UgZlfjBDi823Pvuec7hYmREW1MK-UrVqYoBc8Sb2RzSf0j7d6Rczzx7k7rREEQsFbQYYcs&sig=Cg0ArKJSzBU3fXl7eBrdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 tag Show response
a.teads.tv/page/94481/ Frame B35C 383 B
479 B 85ms
49ms Script
application/javascript 104.79.89.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/94481/tag
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0646ca280b3289369e48cbb69c7988e6754936d22edaf7a6280f4a6954281acd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 280
expires: Wed, 20 Apr 2022 07:13:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B35C 119 KB
37 KB 61ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/acmaugamdisplay714860376938/ Frame B35C 12 KB
5 KB 18ms
18ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/acmaugamdisplay714860376938/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e1520323683aaef1a6ba78f345b2ef3e04b77a2d57b8830845842e3da498f1ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 16:09:50 GMT
server: AmazonS3
x-amz-request-id: B2WADEBCGN8P9QX6
etag: "33cc02cff3b632e64c4860e00e26255c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=17914
accept-ranges: bytes
content-length: 4355
x-amz-id-2: rLfk1TR251buaxInwV3Oj/9rEC7NwtZcyic08Puf47rD1pQ385avfD3Ue3SwP2uqsxU7HXVdacQ=

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
32 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1580b72c630fcf80cda946929d9c3b3ad7911392b35b3caa08f49ef87ffbbb32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32572
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 61 KB
17 KB 44ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bunburymail.com.au/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4172890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17086
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-f4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLO%2FvE%2Bb%2BodTu5tTW2fdM4v82r8hT%2Fup495T4hw%2B%2FjfZWCnsAkAu%2BuKdkrmwo%2FotA1yD%2FBb9GzHT2cZSBZPnMV60ag4WB8EYZRrMVg%2FbilO6PtDT45n4rJH%2FU2DrA2QUQL7enEPv7G6RE8HztuNL5KcN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6febbc97eb39cc5a-ZRH
expires: Mon, 10 Apr 2023 06:13:54 GMT

GET
H3 200 active_orders Show response
origami.secure.ownlocal.com/api/ 14 B
42 B 173ms
163ms XHR
application/json 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://origami.secure.ownlocal.com/api/active_orders?owned_by=a1547dc4-03a0-4426-966c-270950d7280d

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

232.77.96.34.bc.googleusercontent.com

Software

nginx/1.17.2 /

Resource Hash

5021e624e752b001ce3e3846e8f158ed4aeb93a4c9a72fdb35a0c5b14a0eea84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
via: 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
x-request-id: b25e1f0a-ece3-431c-8796-9072cf4487b6
x-runtime: 0.043740
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.2
x-frame-options: SAMEORIGIN
etag: W/"5021e624e752b001ce3e3846e8f158ed"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Origin
cache-control: max-age=3600, public
access-control-expose-headers

GET
H2 200 fonts.css
surveys-static.survicate.com/fonts/ 10 KB
1 KB 28ms
7ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/fonts/fonts.css
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 12:02:06 GMT
server: keycdn-engine
x-amz-request-id: XDFXXFPQKA3DVKC8
x-edge-location: defr
etag: W/"175a0d0343589473e72c6e512936d749"
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-amz-id-2: mxFv8nvcK5QJrSesAEiuU6PZehODMzgOu6SjS6i/QBiJ8pDKoN+3psv95ktftqfwqga6CmHiAoA=

GET
H2 200 widget_core-14.9.5.js Show response
surveys-static.survicate.com/ 325 KB
94 KB 30ms
10ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/widget_core-14.9.5.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: eb3625adb6da06ded2113216ee629174aebd1ffc04427846b96d5907fcecd53c

Request headers

Referer: https://www.bunburymail.com.au/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: T7SD20H7H33FZT1F
x-edge-location: defr
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:121050345386:build/ServiceSurveysStaticBuildAs-HG6JoJVHsH3E:0df5d207-9ef2-49df-9eb8-681f33567854
x-cache: HIT
x-amz-meta-codebuild-content-sha256: 4e5d3680dd61d6dd82ae7b583854de57a9fd524d0dc3623889334c5d181456a6
x-amz-meta-codebuild-content-md5: 7415ea5129577c643836f6852f15dfaa
x-amz-id-2: FWPs9DuNxTvBjK60wtrMGtP1jdZwbdN526iQIZScs42oN6qbqIfiIi2pbuP5yfNzJTWqzK796g8=
last-modified: Fri, 15 Apr 2022 10:46:43 GMT
server: keycdn-engine
etag: W/"31007ac36b61af7972cdbb4e1a1292cc"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
445 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16730067-41&cid=172446066.1650435234&jid=2057588649&gjid=953508495&_gid=1555094316.1650435234&_u=aChAgEAjQAAAAE~&z=587669443

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Apr 2022 06:13:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.bunburymail.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 54ms
20ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-61683903-1&cid=172446066.1650435234&jid=1450818926&gjid=542677096&_gid=1555094316.1650435234&_u=aCjAiEAjRAAAAE~&z=862410634

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 Apr 2022 06:13:54 GMT
content-type: text/plain
access-control-allow-origin: https://www.bunburymail.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2042266299&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Employers%20urged%20to%20embrace%20hybrid%20working%20%7C%20Bunbury%20Mail%20%7C%20Bunbury%2C%20WA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgEAjQ~&jid=2057588649&gjid=953508495&cid=172446066.1650435234&tid=UA-16730067-41&_gid=1555094316.1650435234&gtm=2wg4i1KPMZ4JM&cd1=Bunbury%20Mail&cd2=lego1&cd3=news&cd4=national&cd5=article&cd6=Marion%20Rae&cd7=29032022&cd8=&z=1920749292

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 12:50:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62600
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2042266299&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Employers%20urged%20to%20embrace%20hybrid%20working%20%7C%20Bunbury%20Mail%20%7C%20Bunbury%2C%20WA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAiEAjRAAAAE~&jid=1450818926&gjid=542677096&cid=172446066.1650435234&tid=UA-61683903-1&_gid=1555094316.1650435234&gtm=2wg4i1KPMZ4JM&cd1=Bunbury%20Mail&cd2=lego1&cd3=news&cd4=national&cd5=article&cd6=Marion%20Rae&cd7=29032022&cd8=&cd35=301&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2022-03-29T00%3A32%3A15%2B08%3A00&cd68=AAP&z=676623286

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 12:50:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62600
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 23ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=212556246621990&ev=PageView&dl=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&rl=&if=false&ts=1650435234563&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1650435234561.1606986367&it=1650435234365&coo=false&exp=p1&rqm=GET

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 20 Apr 2022 06:13:54 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
353 B 40ms
15ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7PC84FGF0J&gtm=2oe4i1&_p=2042266299&_z=ccd.NbB&_gaz=1&cid=172446066.1650435234&ul=en-us&sr=1600x1200&_s=1&sid=1650435234&sct=1&seg=0&dl=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&dt=Employers%20urged%20to%20embrace%20hybrid%20working%20%7C%20Bunbury%20Mail%20%7C%20Bunbury%2C%20WA&en=page_view&_fv=2&_ss=2&ep.brand=Bunbury%20Mail&ep.version=lego1&ep.primaryPage=news&ep.secondaryPage=national&ep.pageType=article&ep.author=Marion%20Rae&ep.datePublished=29032022&ep.wordCount=301&ep.wordCountRange=0%20-%20499&ep.memberType=visitor&ep.adBlocked=&ep.Story%20Tags=domestic&ep.datePublishedIso=2022-03-29T00%3A32%3A15%2B08%3A00&ep.storySource=AAP&ep.memberID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PC84FGF0J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bunburymail.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 22ms
22ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7PC84FGF0J&cid=172446066.1650435234&gtm=2oe4i1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PC84FGF0J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bunburymail.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-61683903-1&l=dataLayer&cx=c

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29d250650b4dacb1953518c92e8a05c439653fc40f088a4daa6a8542cc58f3d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38756
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 44ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7PC84FGF0J&cid=172446066.1650435234&gtm=2oe4i1&aip=1&z=397254039

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame DE0C 805 B
826 B 10ms
10ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2526593
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Wed, 20 Apr 2022 06:13:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 488454
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-hhn4034-HHN
x-timer: S1650435235.611589,VS0,VE0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 39ms
18ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61683903-1&cid=172446066.1650435234&jid=1450818926&_u=aCjAiEAjRAAAAE~&z=1771265525

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61683903-1&cid=172446066.1650435234&jid=1450818926&_u=aCjAiEAjRAAAAE~&z=1771265525

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame B35C 43 B
260 B 23ms
16ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&d=ACM_AU_GAM_DISPLAY1%3A21665581034%3A21681236595%3A-&de=523237720369&t=1650435234653&i=MOAT_FEATHER_DEBUG1&gw=acmaugamdisplay714860376938&cm=1&ac=1&f=0&bq=0&ar=bee2df476bf-clean&iw=c066036&dMoatOQs=moatClientLevel1%3D4522954038%26moatClientLevel2%3D2438921438%26moatClientLevel3%3D4877223536%26moatClientLevel4%3D138252499898%26moatClientSlicer1%3D21665581034%26moatClientSlicer2%3D21681236595%26zMoatPS%3D1%26zMoatMMV%3D%26zMoatPT%3D7677050%26zMoatMData%3D%26zMoatMGV%3D%26zMoatMSafety%3D%26refresh%3D1%26zMoatCtype%3Darticle%26zMoatSZ%3D1x1&fq=1&sy=1&gh=0&wb=0&g=0&na=2095192420&cs=0
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 20ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_AU_GAM_DISPLAY1&hp=1&wf=1&ra=6&sgs=3&vb=5&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1650435234390&de=237381672141&rx=120082439039&m=0&ar=bee2df476bf-clean&iw=0bc3758&q=2&cb=0&cu=1650435234390&ll=2&lm=0&ln=0&em=0&en=0&d=4522954038%3A2438921438%3A4877223536%3A138252499898&zMoatPT=7677050&zMoatPS=1&zMoatMMV=-&zMoatMGV=-&zMoatMData=-&zMoatMSafety=-&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCtype=article&zMoatSZ=1x1&dfpSlotId=-&zMoatSlotName=-&zMoatCURL=bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&bo=21665581034&bd=21681236595&zMoatOrigSlicer1=21665581034&zMoatOrigSlicer2=21681236595&dfp=0%2C1&la=21681236595&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A1469%3A1469%3A0%3A1782&iq=na&tt=na&tu=&tp=&fs=198121&na=1113694111&cs=0
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
DATA 200
OK truncated
/ Frame B35C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba7429878d565939b7404fb90c830c64c96d490a6c5456de8cf2ab1c8ab41dfa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3220481e-9545-495d-b98d-6e863d0aa1af Show response
consumer.krxd.net/consent/get/ 238 B
430 B 73ms
34ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 683755df284c52999ee1fa0446d6afebe418bac8e820023b6087728ddfc7d5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a006-dub-prod.krxd.net, cache-hhn4069-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1650435235.708076,VS0,VE28
content-length: 191
x-cache-hits: 0, 0

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ Frame B35C 600 KB
132 KB 8ms
7ms Script
text/javascript 104.79.89.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/94481/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 362e1eca80b8e732663de5a65603a7a0c85c2deb8840cfd33f61ea14a88867ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: br
last-modified: Tue, 19 Apr 2022 09:34:32 GMT
x-amz-request-id: MPYRC5F6YPXCSC88
etag: "604ff7937cbc494a50e1a9f1af109888"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 8
accept-ranges: bytes
content-length: 134304
x-amz-id-2: z4QvkMlYAVz0iMPl7Bv4BWXOhLHctZqBQdy0zQLNrKVryqqM5NZMubV/6QgLOIfpt6lXHDT1tM0=
expires: Wed, 20 Apr 2022 06:43:54 GMT

GET
H2 200 snxj6l9wj.js Show response
cdn.krxd.net/controltag/ Frame DE0C 57 KB
18 KB 10ms
9ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1d9b7f18672377ecefa3d899825b376e38ae295ca7325b1b51cfa715a38b267b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 20 Apr 2022 06:13:54 GMT
via: 1.1 varnish, 1.1 varnish
age: 261
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 18058
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kcgs7200047-IAD, cache-hhn4034-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1650435235.707885,VS0,VE0
etag: "bdf559e0b7669449d31a67b40b05e7f08f8c7701"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

GET
H2 200 controltag.js.f5d7048d3841bccb4f5d92333c20b066 Show response
cdn.krxd.net/ctjs/ Frame DE0C 259 KB
83 KB 8ms
7ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/snxj6l9wj.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
age: 1620691
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1334646
content-length: 84741
x-served-by: cache-hhn4034-HHN
last-modified: Fri, 01 Apr 2022 11:47:20 GMT
x-timer: S1650435235.720358,VS0,VE0
etag: "f5d7048d3841bccb4f5d92333c20b066"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Mon, 29 Mar 2032 11:47:19 GMT

GET
H2 200 track
t.teads.tv/ Frame B35C 23 B
113 B 126ms
58ms Image
image/gif 92.122.144.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=35a2872a-cc76-4303-9b08-f3577c3d7790&pageId=94481&pid=117256&debug_metadata=AQdCJJsamE&fv=1028&ts=1650435234758&f=1&referer=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.144.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-144-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ Frame B35C 23 B
143 B 130ms
62ms Image
image/gif 92.122.144.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=35a2872a-cc76-4303-9b08-f3577c3d7790&pageId=94481&pid=117256&slot=polymorph&fv=1028&ts=1650435234765&f=1&referer=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.144.28 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-144-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/94481/ Frame B35C 540 B
581 B 46ms
46ms XHR
application/json 104.79.89.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/94481/ad?windowWidth=1&windowHeight=1&windowDepth=2&windowReferrerUrl=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&page=%7B%22id%22%3A94481%2C%22placements%22%3A%5B%7B%22id%22%3A117256%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A610%2C%22height%22%3A343%7D%2C%22slotType%22%3A%22polymorph%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=35a2872a-cc76-4303-9b08-f3577c3d7790&formatVersion=1028&env=js-web&netBw=10&ttfb=0
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4d475c17e726c1eecf3e22020783b892ebb3cd2f55a9c80ce57eb31806a632cf

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:54 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bunburymail.com.au
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 368
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H2 200 3220481e-9545-495d-b98d-6e863d0aa1af Show response
consumer.krxd.net/consent/get/ Frame DE0C 223 B
282 B 37ms
37ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f6da03e0fbbac6ea572f250e2edb06ca2d6a0ec574191e8c7053e2f65a425496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:54 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a003-dub-prod.krxd.net, cache-hhn4069-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1650435235.820285,VS0,VE30
content-length: 182
x-cache-hits: 0, 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B35C 0
0 42ms
42ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVBKOCMEdzpjfoaqAp4Fxen8Frs1ouIORMgoLFiPZUJNpT_WInmrGTz5zi_67zg0pggjfP1VuW9MXEOwbujaJ_G0tNxJmaGy9JxSJ6xjvndo6tNt17uCpX76uRkiDUwwxn4I1gpr1HCVgXSYBz0t97-tOmlgi62KVrXcKI9CUUsCfcQVhM_A7mPQnfl5BqOFc7oakK34VodQv6vlrttltBk6jb7_fnE7bFd4pglRuiae0Gt16ebm85jMQMCUmJPGY1A9gXj9VIXnORPe02m1nxZmexvtBMgQaunj9ZaBHuKifaBmcCOXXgko72IkfaAa0KW8otLzxlt-ikmCvSd-Q77_WcNEc&sai=AMfl-YQ7Twul_ahogjm9QAWr9bLBK2cHyb549km80fD3qen5FO95D8VYdWSRSlEvfOpErOOK0FjXtYhFbNRZEXJeQVzHUtxLBx6ZXB6llioHCW51ui-hvTfWgIfBWJak-EI1&sig=Cg0ArKJSzO-LNkr9g_lbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 20 Apr 2022 06:13:54 GMT

GET
H/1.1 200
OK d3d3LmJ1bmJ1cnltYWlsLmNvbS5hdQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
462 B 88ms
17ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmJ1bmJ1cnltYWlsLmNvbS5hdQ==
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:55 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=564
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: afc8458239ae04befe7a9512b091941c
Content-Length: 16
Expires: Wed, 20 Apr 2022 06:23:19 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 108ms
13ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Fri, 20 May 2022 06:13:55 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 14FC 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.bunburymail.com.au
Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.bunburymail.com.au
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:55 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 get Show response
odb.outbrain.com/utils/ 27 KB
9 KB 387ms
345ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&idx=0&rand=14280&key=NANOWDGT01&widgetJSId=AR_1&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=330&py=2254&vpd=1054&cw=610&activeTab=true&darkMode=false&settings=true&recs=true&version=2000678&sig=y9kXrDPO&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b4cf07064913b074032756a37eaf17f1914e788aa4ff7df70b6118ab5c90c82f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1650435235.263764,VS0,VE339
accept-ranges: bytes
x-served-by: cache-lga21955-LGA, cache-fra19153-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: c51af7035db9668b05ee5a4ae510b428
content-encoding: gzip
content-length: 9361
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bunburymail.com.au

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bunburymail.com.au

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 KB
117 KB 352ms
352ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3384657605533584&correlator=2468280876938966&eid=31067029%2C44761482%2C44752585%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=21666581298%2Cbunburymail%2Cnews%2Cnationalnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x11%2C996x120%7C970x250%7C940x250%7C940x120%7C728x90%2C300x250%7C300x600&ifi=3&adks=2169877479%2C3001441988%2C4109752419&sfv=1-0-38&ecs=20220420&fsapi=false&prev_scp=pos%3D1%26ur%3Dbunburymail%257Carticle%257Cnews%257Cnationalnews%257C1%257C1x11%257Cdesktop%26urh%3D-62830666%26condAd%3Dtrue%7Cpos%3D1%26ur%3Dbunburymail%257Carticle%257Cnews%257Cnationalnews%257C1%257C996x120_970x250_940x250_940x120_728x90%257Cdesktop%26urh%3D-1011525325%26condAd%3Dtrue%7Cpos%3D1%26ur%3Dbunburymail%257Carticle%257Cnews%257Cnationalnews%257C1%257C300x250_300x600%257Cdesktop%26urh%3D-421668437%26condAd%3Dtrue&cust_params=ctype%3Darticle%26cat%3Dnews%26cat1%3Dnationalnews%26region%3Dwa%26locstate%3Dwa%26tags%3Ddomestic%26tag%3Ddomestic%26ksg%3D%26kuid%3D%26pageID%3D7677050%26sysEnv%3Ddesktop%26generator%3Dnewsnow%26brms%3Dtrue%26brvs%3Dtrue%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&sc=1&cookie=ID%3Da5ed3c59ec539629-2250b7a67ccd00fa%3AT%3D1650435234%3AS%3DALNI_Mb4l84bWXaOZ1EK4OmsuNpqJLoWlQ&abxe=1&dt=1650435235244&lmt=1650435227&dlt=1650435233889&idt=357&biw=1600&bih=1200&adxs=0%2C302%2C970&adys=32%2C326%2C723&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C1600x0%7C300x0&msz=1600x0%7C1600x0%7C300x0&fws=0%2C0%2C4&ohw=0%2C0%2C960&psts=AGkb-H9H3cokjczYJ6WJVKiJoUaADuM9dl6OyewCOCYqzG5LBYpLPndv5lOrBnPhabtaltCm9w0faleUH6-yBqQuFOZw6KZtKNLUFqM%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=172446066.1650435234&ga_sid=1650435234&ga_hid=2042266299&ga_fc=true&ga_cid=1555094316.1650435234&btvi=0%7C0%7C0&nvt=1

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

32be1dbab85786857f0e3ed7ee5b1dcf18f99186872f87ff5e858ec0ff6cb74c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119772
x-xss-protection: 0
google-lineitem-id: -2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bunburymail.com.au
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
435 B 56ms
16ms XHR
text/plain 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=245847&u=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&v=3
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:55 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.5], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.bunburymail.com.au
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Wed, 20 Apr 2022 06:13:55 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 15ms
14ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
last-modified: Sun, 10 Apr 2022 10:23:26 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1649587012.585621"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Fri, 20 May 2022 06:13:55 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 15ms
15ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
last-modified: Sun, 10 Apr 2022 10:23:26 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1649586986.745808"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Fri, 20 May 2022 06:13:55 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 363ms
92ms Fetch
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=b6a02a18aecc137cf05d4b146d03ca5b_46374_1650435235554&tm=701&eT=0&widgetWidth=610&widgetHeight=705&widgetX=330&widgetY=2262&wRV=2000678&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=394&oo=true&ab=0&wl=0
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 20 Apr 2022 06:13:55 GMT
content-encoding: gzip
X-TraceId: aff39774cebc3de3c4d6e846cf888d5a
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000678/module/ 37 KB
14 KB 27ms
27ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000678/module/streamFeed.js?e=2
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ed1767bbd23629c2bf63fe4e7b5f088cd0e66612a4756e7e66b97de61947272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 11:27:02 GMT
server: AkamaiNetStorage
etag: "14f347179a8f3356a84dc10da9ee20bf:1650292492.915081"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13486
expires: Wed, 20 Apr 2022 10:13:55 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame D9C0 222 KB
62 KB 68ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame D9C0 16 KB
6 KB 86ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame D9C0 96 KB
29 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame D9C0 74 KB
17 KB 84ms
28ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

513db1539e2636a80095ea5400aba7f55aa44b4d78eb0440cc87b6d693cf6090

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 133409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17308
x-xss-protection: 0
server: sffe
date: Mon, 18 Apr 2022 17:10:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e7f38e1fe946943"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Apr 2023 17:10:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame D9C0 5 KB
2 KB 86ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame D9C0 42 KB
13 KB 78ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 327106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Sat, 16 Apr 2022 11:22:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Apr 2023 11:22:09 GMT

GET
DATA 200
OK truncated
/ Frame D9C0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fee79a548d63412b539dab8577bdf1d04730ca61b1d5496b3ca2711b54352fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3CE6 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:54 GMT
expires: Thu, 20 Apr 2023 06:13:54 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D9C0 2 KB
3 KB 33ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 40447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 20 Apr 2022 18:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D9C0 295 B
398 B 33ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 1821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 21 Apr 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D9C0 0
0 32ms
15ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS86ZEMZpsU61MvSTkWWkyA_vh4_3p27J6k_akXL2K2oAa9smczTFH5PYoLlgQX4DABjHZGJW3nkJRUnLTGJJpqupEBmg
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3

200

B26136620.308725970;dc_pre=CJroyq_-ofcCFVKLdwodlkoHhQ;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=1325236974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/ Frame D9C0
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=1325236974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_pre=CJroyq_-ofcCFVKLdwodlkoHhQ;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=1325236974;dc_lat=;dc_rdid...

42 B
63 B

45ms
28ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_pre=CJroyq_-ofcCFVKLdwodlkoHhQ;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=1325236974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:55 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_pre=CJroyq_-ofcCFVKLdwodlkoHhQ;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=1325236974;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D9C0 0
0 52ms
52ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzFwXo6RfYpi3EriQ7_UPms-SiAn5vKypad364OmoD9rZHhABINvxuVdglcqwgrgHoAG_57vEA8gBCakCVSY_dfEdsj7gAgCoAwHIAwiqBL8CT9AxksPokk8-8UvoAO4dFb3LaarnV4NOEhLYM78dqZCmoeROw7niB7blXRKe8QnuIkC12dbkY3bC76jq--uw8Eg7-6RBEJSBmWHp13-Cds2f1-GtD8jcQY6SLkg_pmY3lrl4rs_2cYMH-0pb0MWkchjQzgUnT1rAUdaJkGcyQfj4csz5iqwWFn0yrCPSDDue1YVhnC1hunnScSjcwzJ-jLNoB3zmV8VrI53OjxM7LXXXDmYsNpdAwzgkrT4xQOW53vFeGmm1VbyCpd4CHuUF-GBDhk4LeSRPkxOHFixmsZHt--BiZijMOkjJOJ_x7SHEVdX0mtbhCwOGRx7Yp2avHfRqxMpasGhtOvRWdJ5PfhuOug8_8VIHZUavv641_fB3u9ZrhcmpNV2BEq3UBgHpE06fh_MiV2gk3venplrez8AEvbPvprAD4AQBkgUECAQYAZIFBAgFGASgBi6AB8CJlR-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD42h_SCAkIgOGAEBABGB2ACgPICwHYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItNzg4ODY3NjY1NDA0NzM5Mxilzmo&sigh=dPBGumnclcA&uach_m=[UACH]&template_id=419
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D9C0 68 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59ce26c6f1ceac2137ebdf8e3827b8f110d569ecc4323aded2026048ebca2d7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 21ms
21ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&zMoatAdUnit1=bunburymail&zMoatAdUnit2=news&zMoatAdUnit3=nationalnews&wf=1&ra=3&sgs=3&vb=5&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1650435234390&de=438872490866&rx=120082439039&m=0&ar=bee2df476bf-clean&iw=0bc3758&q=3&cb=0&cu=1650435234390&ll=2&lm=0&ln=0&em=0&en=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A1469%3A1469%3A0%3A1782&fs=198121&na=1798349178&cs=0
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:13:55 GMT

GET
H2 200 eyJpdSI6IjYzMmUyZDBiMzdlZGRmYTQ0MTc5Yjg1ODU2MGE3ODdiYjVjZDc2ZjhiM2JjMzZlZTlhNzY4MzY2YzkzOTM3MDciLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 36 KB
37 KB 74ms
19ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjYzMmUyZDBiMzdlZGRmYTQ0MTc5Yjg1ODU2MGE3ODdiYjVjZDc2ZjhiM2JjMzZlZTlhNzY4MzY2YzkzOTM3MDciLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6c5caabb3d7795e7e2344ef4950a455075b9d4345d313e8c9605a779b51199bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
cache-control: max-age=2400089
last-modified: Mon, 18 Apr 2022 09:25:45 GMT
x-traceid: 3911e901db5822d026abcc76a182becb
timing-allow-origin: *
content-length: 37288
content-type: image/webp

GET
H2 200 eyJpdSI6ImJhN2U1MGYzYjc5NDFjZDg4ZDRmN2MzZWY5Mzg0YzljOTc4ZmMwZjA3MGYzYTI5NmVlNWRhZjQxZDk1MzZlMmQiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 67 KB
67 KB 87ms
34ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJhN2U1MGYzYjc5NDFjZDg4ZDRmN2MzZWY5Mzg0YzljOTc4ZmMwZjA3MGYzYTI5NmVlNWRhZjQxZDk1MzZlMmQiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d6059742336715d8752a4bde025df230f73ce3e64d28fdedbf049c1e6f58f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
cache-control: max-age=1169495
last-modified: Mon, 06 Dec 2021 08:19:37 GMT
x-traceid: c457d4240440e53dc924a6d4991e3941
timing-allow-origin: *
content-length: 68558
content-type: image/webp

GET
H2 200 eyJpdSI6ImU5ZTA3ZjhmMDMxM2IyYTE4NDJlMzlmNTcxZjQ2ODAxMGJlZTA1NTMxODI0ZTIxNDY3YWJkZmE5MTBiNzgwZDgiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 26 KB
26 KB 86ms
34ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU5ZTA3ZjhmMDMxM2IyYTE4NDJlMzlmNTcxZjQ2ODAxMGJlZTA1NTMxODI0ZTIxNDY3YWJkZmE5MTBiNzgwZDgiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6c3a26194f567a4aa5162cb5d6bea0ab263f91eb39b59237576c7f74e116fe99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
cache-control: max-age=1862493
last-modified: Sat, 18 Dec 2021 17:59:35 GMT
x-traceid: 5a9ca4dc783e024744a06adab8899824
timing-allow-origin: *
content-length: 26724
content-type: image/webp

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 19ms
17ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&zMoatAdUnit1=bunburymail&zMoatAdUnit2=news&zMoatAdUnit3=nationalnews&wf=1&ra=3&sgs=3&vb=5&pl=0&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1650435234390&de=981634046672&rx=120082439039&m=0&ar=bee2df476bf-clean&iw=0bc3758&q=4&cb=0&cu=1650435234390&ll=2&lm=0&ln=0&em=0&en=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A1469%3A1469%3A0%3A1782&fs=198121&na=1806314280&cs=0
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:55 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:13:55 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1CCE 624 B
733 B 41ms
18ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhju54jGATAB&v=APEucNX8kIGFf2t4RTKlgZmgS4VHsWxshsgqLCHm7xfReBMPF9jovYbE-OPZrOS-WaktfxsHitaxi6PgJUQRAm4nvTGDsqSYKWrDHK6cSRAjDACIweJScVy5UCZwii80Qcs-JiI82ScLPXtekE2ToXHJvbT8xPSpup3wovWOvQDmMbBc_NdcVmA

Requested by

Host: 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
URL: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3CE6 69 KB
25 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
URL: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8ac8ce1153b5e1594c38e18e85419ab20398b420eb3a41e83d10efe18d59fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25300
x-xss-protection: 0
server: cafe
etag: 3146347784094649260
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 20 Apr 2022 06:13:55 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CE6 42 B
173 B 63ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C9bp3e-C9cP7HYq0sRrDraeYPGUavfZ5dDlw6WASjEhoNOzAt4swpJIJZI7iW3-iB1D91nPgCmh5rKnNaMq89920mEfjKqROw8t00hR5lapQdc9a0

Requested by

Host: 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
URL: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame 3CE6 3 KB
1 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
URL: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:10:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CE6 119 KB
36 KB 48ms
32ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
URL: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:55 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/ Frame 3CE6 15 KB
6 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220418/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
URL: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:12:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3CE6 0
0 16ms
15ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrJDzX3IW8dwMx2oEp47D2VhHJEpfeMEfi3gDxYl6E3keUbDCVYMJzeM4fTc6zpkkGBXxtBoEfLXZj6bMpqz1rdu08-Q
Requested by: Host: 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
URL: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 31 KB
12 KB 334ms
325ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=2000678&apv=true&sig=y9kXrDPO&format=html&rand=48126&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YjZhMDJhMThhZWNjMTM3Y2YwNWQ0YjE0NmQwM2NhNWI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=610&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3f466703ee5d07a0980d05f205a4f09fb9ba509db286b6d7038d3da5cd350224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1650435236.734246,VS0,VE314
accept-ranges: bytes
x-served-by: cache-lga21983-LGA, cache-fra19153-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: e0799f43325ac8903fa3f0d0ac835d3b
content-encoding: gzip
content-length: 11717
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1CCE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1&C=1

43 B
1014 B

21ms
20ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhju54jGATAB&v=APEucNX8kIGFf2t4RTKlgZmgS4VHsWxshsgqLCHm7xfReBMPF9jovYbE-OPZrOS-WaktfxsHitaxi6PgJUQRAm4nvTGDsqSYKWrDHK6cSRAjDACIweJScVy5UCZwii80Qcs-JiI82ScLPXtekE2ToXHJvbT8xPSpup3wovWOvQDmMbBc_NdcVmA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Apr 2022 06:13:55 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 20 Apr 2022 06:13:55 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1CCE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yl.ko.qxR74t7yU.isv5RwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1&google_hm=2

43 B
894 B

20ms
20ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhju54jGATAB&v=APEucNX8kIGFf2t4RTKlgZmgS4VHsWxshsgqLCHm7xfReBMPF9jovYbE-OPZrOS-WaktfxsHitaxi6PgJUQRAm4nvTGDsqSYKWrDHK6cSRAjDACIweJScVy5UCZwii80Qcs-JiI82ScLPXtekE2ToXHJvbT8xPSpup3wovWOvQDmMbBc_NdcVmA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 20 Apr 2022 06:13:55 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:55 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbidt7z5kf9zO4NagZenHI&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 1CCE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOOFH6Z4lRETHRVxvc_iUds&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOOFH6Z4lRETHRVxvc_iUds%26google_cver%3D1

43 B
1 KB

18ms
17ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOOFH6Z4lRETHRVxvc_iUds%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhju54jGATAB&v=APEucNX8kIGFf2t4RTKlgZmgS4VHsWxshsgqLCHm7xfReBMPF9jovYbE-OPZrOS-WaktfxsHitaxi6PgJUQRAm4nvTGDsqSYKWrDHK6cSRAjDACIweJScVy5UCZwii80Qcs-JiI82ScLPXtekE2ToXHJvbT8xPSpup3wovWOvQDmMbBc_NdcVmA

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:55 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 75bfc1f0-1d7a-444f-aee0-6ed5622a9b93
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:55 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8660d127-3ba1-481e-9eb2-246a07fea2a5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOOFH6Z4lRETHRVxvc_iUds%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CCE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyMTA0NDMxMjYzOTQzNjE5OA%3D%3D

170 B
188 B

35ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyMTA0NDMxMjYzOTQzNjE5OA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 20 Apr 2022 06:13:55 GMT
X-Proxy-Origin: 217.64.151.5; 217.64.151.5; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9c5feaaf-477e-4bb8-ae6a-7d643c9249b6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyMTA0NDMxMjYzOTQzNjE5OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3CE6 84 KB
33 KB 71ms
55ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDEuuslPuHUtEFjYZ6m_67gkUjP7Ci77dEW-8hOjI0cJUfzJe0nHjRZ_0fUtBf8KJfp5kp5yMX_0iAJPAUhM9eEEXaP2K-7-hXHRfUWKUp1d5-vGdOyfDPmcphw5Jyw0VgHvOjpOUCBufMjJcdCZiZczGpmg&dbm_d=AKAmf-AMTgoxrjRk7pTE765epmzJkstvh4ktlRXjHQ-w30aE7iaAJkXiHUE1Lcq-Y4wNTCqpUAdQdIAomozfvdo--hdyBnmOF29jvKewTEgu7YR-7_fB3WSLE53e5bXyd1Vtfr3DRh15bjW1BxmizBvSF5bechl8r8nkOXzgjOMZ1sxdI9KdtCkSulfaJOCzXirJCIF3ec2CmbLxmNoUpEIGDYNiwknfJrOsJkg2QdPosPG2ncCj5HoHfmoEkPnfEJIRlNbrp7m_fiy5k764G_XyfB21mHUSUTx7NSLTEj4-JYDQEUlG3XTz1ovccCdPSAjUlOeKN5TvevVk2N9bmHlCQPnE8-gP46oG1_GIvJHPpLgZIHf4AVP38KDpjMncpVrdryVwgEvfvT5rWD26jk832xcJPPz1N7MVl2139Y09NYKpvVxzsnNRFxCzGHaOcw5nPUVREfYx7Nj1gQh-dzzY-l-XG-Eei5hYJFK4mJjBbcoUSSSPjKVAltrbFmziwHnPecNSkHZgJeEsiZaTulvrx5ku8IExqDvn5YCewaN9bDtcQWlREGxSMbVz240ZT4ZJJxoimPbZrKfsZDOiv8JiA5-Dfd1zg4HDRo5H004LWH5fdKl1HYO8dgq9m_p9fJciOdZbWkjKdp9S8Zelqufq6AoJjPueboOEVDkr0cpTz-AOuoVUiWzH4RSeoux6sv1WUWupnpSRBOhNf3SR8JwQ1bGOzg194_G-dyjl2U2v5iczZfov7q_fcKl-2HpIQc0ymgFapIprh5o4ObcLL-KVX-Ax-zN8giTXc_S2BM0yiD_9WHKMENSBqK7GUFmdAPWOPBImFZ4NqTWUjSsWJ-i7Wt3lVFRO9gJtY1gufZOyOALehOD3r1-iPxtjrjZ0wC42pU1ruB3icKdcrKPOQug8jcPzphaxcPd71b59J2kVmVKZi_cBLA2HMa3kkg2hKiWYRDs3oCLmzZScDkM-imdO63XyEAWwmNHseJ0sC-hW_F92lvIiz-2Wc-Byj1z_bZehyIYJjrWTpSV1QqSp5oX4tpOZXh7kKjBmEXE4vOqC48P6vEkgOAX2FXeXGua5OhiqwWknenSMJonGX8b1QcwpC3iGr27YeIHYnOOEfMe4s_uwNd9d5OynXwK79rofKdZp4eTE4d4arpezI7bX2d_fHKS-TAoeca--YPTJD-_2TpwuYXIZh2aX2J8-vjVieNf_JzrH-NlCTIhazwMionfNvz9FGkFWHVUhPXNNVhpG5fDwltA451H_1bSpbFkZIC9ipA6pk_g5MXFZdzsVnohv9aLWIIRF2dnHMj-kqUHp7EpqzzDdu453Zv1yKqXAUepbZWrEHPmQFmsfyNwyqBvhwlxUiQoeIOZ-SECUp6s-H7k6TXBgtNTHTp3mtqeatAOxLpd28h7TnolZQrZR_07Yjyt6xnaDcUSIGLeQn-aKX2TJwHFpi5p0ITTHBVricLnhZ6EUAlIHkxAoMfgAlTwhvcCrFYfy-ypHMXQZONaOl8qCL-VMTiSPLndQDwlD3I8zVb66JFf8zVfA1V0Md8qzh9R8eKDQ9UZLYhfEZQ8BWBl2FZSBPRejdQVsMwyGZgQ0MLDCnuck0dDulMRRwFcLrG0ksadmYttwCvdbM1C3s9JPxwuGwjR0gPQVUMcsNrv8xlg832JrwHt7zf1CywhKBe7yUkStPjgwRM8rFaEVSif7OoeR5POXZjLEEF7d4GbYNdkCD1XSxVJCf6hBa9Bbmpk5CH_svUV5ld2snlX80__x78ys3-eDCdxQt8RPOd4isKv1wSQimoeDylk_ZoWLsTWeT46-ZtjHg4wCgLu5zMkTtF-Kq12KduLLTFm-eWjAKDAG6vA2E5iWl7NrWEtgbFKYDo673Lk5gYFINRjUFZ3NPmJXWaXl8lKG7sMYWRK3-qpK1YKqfNBES90xYT3_fNVqA2ckGHizNriiltr7QNub0rZEA1YsMTVamN1LRtz6yOcclNy-NHONDcwRZ2ISFyfX-NK90INnVi0hxvpbjB7ou8OaRuefAYNAIHcTcUSoTmXoVgGsSLCHJybOlvNLRS2scVW1k49zRiJC9zoK_lcxGNxIXWeowPoaCYoCHgXEEWm4wZOraVF8Dl9_YyJSpKSxe-Pqk3CTE1ye5naZ74w-XlPYsZ6SbEiwuMbHFCiuiAERlKgYBuGIisKj0Vdrf9bad5bdeqbJw8kssyQV2ZMYbD5if4aLV1C6BC1IyIvOJEGm8NlNyr00bj6RkOyU4MUrJjUUIDdOP38u91IlT57TSaAPD0P4vipISqPR2B85Jjqqb1qDqNYY4J9S_oCq2b2lzseOF_5HKfKl6NhS03fOI8f8kFE9tpIqJyWXXtMbtJaf3T9VbJOqprvvKxxXZY-RwaLDsMnn86vJEsLzBeQlJCko8xqaET74-ZWBAYcv_OCTpExNRdy8yuyqlnaG8UokK1efXfOU7u9p-TpZjC5DSNAZiwr-0_MexoIot0v6F2U5Trc7jDC1McdjyNxEfhA6CAp_loInx434R_B5YC0LyJeXr19PtF753PClDN2fYx3qfGO47_vlI5amFU6ZMCqLnxgKqC3nM4ZTxoW8IkkWTAVl0PaayE-fepPRQKOvcx0hyzTe5eGPZ9XsBQq2CQmej-ahJkYC17NtXfXmC_XU5KmWZD92Wlst-4jLOUzBuX3ijO8xCHNknElUq9uhhYpsemplpagZa7KDAAS03ITAaIKT9GGlQKqyRvtQo0ZJQ4e2TGoCi60SIXItk-bTGneIe7xERBflCD8Kj5Ci7A7eD5hFFEKf4-QYZ3VjuanyykEW8ywKh6W1T4QL9hVY0v3eQqjMBlWJvVSy-08SYQXzZ_n-x_QyJdTQ4GnwQ_ENuQzyRSAgaE8SbM4HqlKuCS2vbmI1tya2I19dEkmr33eImWvXpUt9q8eeMa0Xda1ASj-yiXwMWCTYXQ9ehAwVFplSe4olmNh6iOJLOkJn_i9VV2D-KyKNUuV1xGcNS6CSlpmWb-YT69Lp03AMZfyYkwsCKhespW-pZZTC2ekFam1ICztNjZ1gqFnDLqr4Fr7J7L_I_NArj8IVuJGiVMdKdDPs1eTyHimEEAwkhju77v-17_uKSnD9aZXvjZT7QuRYKdWHbePIn_EkUD-yt4iseE-P9gA7mEAH2QdCFiWENp70lwJBQhYrthCH6E-ibVgwETEUilCbUL5XFCueCMG0AXHIfH8VAhqJUMYpjj9HoTraVsGZbqd05MQpmonOJkNyU3mKr6Bfa85tcT5LhLQR2_VqWhGcjtpISYUBkjNMk-7ZTMNkp7O-GMogKtqPQyJ3qLnuQBNeuPld3pRplu1wrJu6hdQt7c3XrL4XW2Qp5Xud4gQ1ZZRVGv_1SgJSKL_WQXCH3-3xWoaHN6CokZZO5fBG8vpAAJcZv-c1wPFhHmBHMq7gWB7xKKp_VuVPFprQwA-_X0nvWCF4DP-BgILddoC6DRqte8tfjzAPu77kHJFxxKDpQS4OrU5aMcZ7YWJFAndJms7rk6IqxAykZAi-enwh1q214howxhkEqMAnoEua18ye1WKkoMlJ3CNTW6GPduNur6VV&cid=CAASJeRo8-oh0nlzphBTJKcS8gfvWiUqu634aIHZE7n-p-xsNWdsxbE&dv3_ver=m202204130101&rfl=https%3A%2F%2Fwww.bunburymail.com.au%2F&ds=l&xdt=0&iif=1&idt=52&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53c3b920b8c03038f8385ad513a3a6658dfe3fb63bbb8ac52fba7525b27b92eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34006
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d3d3LmJ1bmJ1cnltYWlsLmNvbS5hdQ== Show response
static.solutionshindsight.net/assets/ 3 KB
2 KB 45ms
21ms Fetch
application/json 108.157.4.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/assets/d3d3LmJ1bmJ1cnltYWlsLmNvbS5hdQ==
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c64708b30ca94141585b193641d4bbeb6104545fce3692eebcc8d2cfa066dfac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9e731a0773c78fac767c06926089f6c8"
age: 441
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 01 Apr 2022 15:04:57 GMT
server: AmazonS3
date: Wed, 20 Apr 2022 06:06:35 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: qvzLJv68Y9P59x41fBhcZR6KgYPrsnpfNURZYKD8TIbcSy04LCbdVw==

OPTIONS
H2 200 _bulk
api.solutionshindsight.net/v2/events/ Frame 0
0 149ms
106ms Preflight
application/json 108.157.4.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.solutionshindsight.net/v2/events/_bulk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-65.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bunburymail.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Wed, 20 Apr 2022 06:13:55 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amz-apigw-id: Q3appE1doAMFuaA=
x-amz-cf-id: qEIxMfjF_vAsd9dVblefLaxOnf3b4gxBff4McDrGxwzM0mi59JK6WA==
x-amz-cf-pop: DUS51-P2
x-amzn-requestid: 44b933fd-4e5e-4c30-9579-615b9e21b567
x-cache: Miss from cloudfront

GET
H2 200 wp-banners.js Show response
static.solutionshindsight.net/teju-webclient/ 264 B
541 B 19ms
19ms Script
application/javascript 108.157.4.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:11:12 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 16:45:06 GMT
server: AmazonS3
age: 164
etag: "a4b034ba6b156e6ab499fe80f2057237"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 190
x-amz-cf-id: qswzJc_HQ_u7DDhboLQ1DVGLSuPw0bin8K_KDj8tU0vPvkbm18KZIw==

POST
H2 201 _bulk
api.solutionshindsight.net/v2/events/ 0
0 305ms
305ms Fetch
application/json 108.157.4.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.solutionshindsight.net/v2/events/_bulk
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-65.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amzn-requestid: 87d41104-200c-4728-93da-5fc00f117d27
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-625fa4a4-68abe28b6ed46098446e5c20
x-amz-apigw-id: Q3apsHW8IAMFSEg=
content-length: 0
x-amz-cf-id: 8jUcW87YlzilpN7rAQ95kKOHUXm_6zxwDhA6LOHQzZFex275uKpscw==

GET
H2 200 express_html_obb_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3CE6 119 KB
42 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a57cecd2bf4d6d3b8498c67487333f6dc9e102371f5e48ffc7fcf18a6e8487e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
Origin: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 11:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42555
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Apr 2022 11:12:07 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 3CE6 8 KB
3 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDEuuslPuHUtEFjYZ6m_67gkUjP7Ci77dEW-8hOjI0cJUfzJe0nHjRZ_0fUtBf8KJfp5kp5yMX_0iAJPAUhM9eEEXaP2K-7-hXHRfUWKUp1d5-vGdOyfDPmcphw5Jyw0VgHvOjpOUCBufMjJcdCZiZczGpmg&dbm_d=AKAmf-AMTgoxrjRk7pTE765epmzJkstvh4ktlRXjHQ-w30aE7iaAJkXiHUE1Lcq-Y4wNTCqpUAdQdIAomozfvdo--hdyBnmOF29jvKewTEgu7YR-7_fB3WSLE53e5bXyd1Vtfr3DRh15bjW1BxmizBvSF5bechl8r8nkOXzgjOMZ1sxdI9KdtCkSulfaJOCzXirJCIF3ec2CmbLxmNoUpEIGDYNiwknfJrOsJkg2QdPosPG2ncCj5HoHfmoEkPnfEJIRlNbrp7m_fiy5k764G_XyfB21mHUSUTx7NSLTEj4-JYDQEUlG3XTz1ovccCdPSAjUlOeKN5TvevVk2N9bmHlCQPnE8-gP46oG1_GIvJHPpLgZIHf4AVP38KDpjMncpVrdryVwgEvfvT5rWD26jk832xcJPPz1N7MVl2139Y09NYKpvVxzsnNRFxCzGHaOcw5nPUVREfYx7Nj1gQh-dzzY-l-XG-Eei5hYJFK4mJjBbcoUSSSPjKVAltrbFmziwHnPecNSkHZgJeEsiZaTulvrx5ku8IExqDvn5YCewaN9bDtcQWlREGxSMbVz240ZT4ZJJxoimPbZrKfsZDOiv8JiA5-Dfd1zg4HDRo5H004LWH5fdKl1HYO8dgq9m_p9fJciOdZbWkjKdp9S8Zelqufq6AoJjPueboOEVDkr0cpTz-AOuoVUiWzH4RSeoux6sv1WUWupnpSRBOhNf3SR8JwQ1bGOzg194_G-dyjl2U2v5iczZfov7q_fcKl-2HpIQc0ymgFapIprh5o4ObcLL-KVX-Ax-zN8giTXc_S2BM0yiD_9WHKMENSBqK7GUFmdAPWOPBImFZ4NqTWUjSsWJ-i7Wt3lVFRO9gJtY1gufZOyOALehOD3r1-iPxtjrjZ0wC42pU1ruB3icKdcrKPOQug8jcPzphaxcPd71b59J2kVmVKZi_cBLA2HMa3kkg2hKiWYRDs3oCLmzZScDkM-imdO63XyEAWwmNHseJ0sC-hW_F92lvIiz-2Wc-Byj1z_bZehyIYJjrWTpSV1QqSp5oX4tpOZXh7kKjBmEXE4vOqC48P6vEkgOAX2FXeXGua5OhiqwWknenSMJonGX8b1QcwpC3iGr27YeIHYnOOEfMe4s_uwNd9d5OynXwK79rofKdZp4eTE4d4arpezI7bX2d_fHKS-TAoeca--YPTJD-_2TpwuYXIZh2aX2J8-vjVieNf_JzrH-NlCTIhazwMionfNvz9FGkFWHVUhPXNNVhpG5fDwltA451H_1bSpbFkZIC9ipA6pk_g5MXFZdzsVnohv9aLWIIRF2dnHMj-kqUHp7EpqzzDdu453Zv1yKqXAUepbZWrEHPmQFmsfyNwyqBvhwlxUiQoeIOZ-SECUp6s-H7k6TXBgtNTHTp3mtqeatAOxLpd28h7TnolZQrZR_07Yjyt6xnaDcUSIGLeQn-aKX2TJwHFpi5p0ITTHBVricLnhZ6EUAlIHkxAoMfgAlTwhvcCrFYfy-ypHMXQZONaOl8qCL-VMTiSPLndQDwlD3I8zVb66JFf8zVfA1V0Md8qzh9R8eKDQ9UZLYhfEZQ8BWBl2FZSBPRejdQVsMwyGZgQ0MLDCnuck0dDulMRRwFcLrG0ksadmYttwCvdbM1C3s9JPxwuGwjR0gPQVUMcsNrv8xlg832JrwHt7zf1CywhKBe7yUkStPjgwRM8rFaEVSif7OoeR5POXZjLEEF7d4GbYNdkCD1XSxVJCf6hBa9Bbmpk5CH_svUV5ld2snlX80__x78ys3-eDCdxQt8RPOd4isKv1wSQimoeDylk_ZoWLsTWeT46-ZtjHg4wCgLu5zMkTtF-Kq12KduLLTFm-eWjAKDAG6vA2E5iWl7NrWEtgbFKYDo673Lk5gYFINRjUFZ3NPmJXWaXl8lKG7sMYWRK3-qpK1YKqfNBES90xYT3_fNVqA2ckGHizNriiltr7QNub0rZEA1YsMTVamN1LRtz6yOcclNy-NHONDcwRZ2ISFyfX-NK90INnVi0hxvpbjB7ou8OaRuefAYNAIHcTcUSoTmXoVgGsSLCHJybOlvNLRS2scVW1k49zRiJC9zoK_lcxGNxIXWeowPoaCYoCHgXEEWm4wZOraVF8Dl9_YyJSpKSxe-Pqk3CTE1ye5naZ74w-XlPYsZ6SbEiwuMbHFCiuiAERlKgYBuGIisKj0Vdrf9bad5bdeqbJw8kssyQV2ZMYbD5if4aLV1C6BC1IyIvOJEGm8NlNyr00bj6RkOyU4MUrJjUUIDdOP38u91IlT57TSaAPD0P4vipISqPR2B85Jjqqb1qDqNYY4J9S_oCq2b2lzseOF_5HKfKl6NhS03fOI8f8kFE9tpIqJyWXXtMbtJaf3T9VbJOqprvvKxxXZY-RwaLDsMnn86vJEsLzBeQlJCko8xqaET74-ZWBAYcv_OCTpExNRdy8yuyqlnaG8UokK1efXfOU7u9p-TpZjC5DSNAZiwr-0_MexoIot0v6F2U5Trc7jDC1McdjyNxEfhA6CAp_loInx434R_B5YC0LyJeXr19PtF753PClDN2fYx3qfGO47_vlI5amFU6ZMCqLnxgKqC3nM4ZTxoW8IkkWTAVl0PaayE-fepPRQKOvcx0hyzTe5eGPZ9XsBQq2CQmej-ahJkYC17NtXfXmC_XU5KmWZD92Wlst-4jLOUzBuX3ijO8xCHNknElUq9uhhYpsemplpagZa7KDAAS03ITAaIKT9GGlQKqyRvtQo0ZJQ4e2TGoCi60SIXItk-bTGneIe7xERBflCD8Kj5Ci7A7eD5hFFEKf4-QYZ3VjuanyykEW8ywKh6W1T4QL9hVY0v3eQqjMBlWJvVSy-08SYQXzZ_n-x_QyJdTQ4GnwQ_ENuQzyRSAgaE8SbM4HqlKuCS2vbmI1tya2I19dEkmr33eImWvXpUt9q8eeMa0Xda1ASj-yiXwMWCTYXQ9ehAwVFplSe4olmNh6iOJLOkJn_i9VV2D-KyKNUuV1xGcNS6CSlpmWb-YT69Lp03AMZfyYkwsCKhespW-pZZTC2ekFam1ICztNjZ1gqFnDLqr4Fr7J7L_I_NArj8IVuJGiVMdKdDPs1eTyHimEEAwkhju77v-17_uKSnD9aZXvjZT7QuRYKdWHbePIn_EkUD-yt4iseE-P9gA7mEAH2QdCFiWENp70lwJBQhYrthCH6E-ibVgwETEUilCbUL5XFCueCMG0AXHIfH8VAhqJUMYpjj9HoTraVsGZbqd05MQpmonOJkNyU3mKr6Bfa85tcT5LhLQR2_VqWhGcjtpISYUBkjNMk-7ZTMNkp7O-GMogKtqPQyJ3qLnuQBNeuPld3pRplu1wrJu6hdQt7c3XrL4XW2Qp5Xud4gQ1ZZRVGv_1SgJSKL_WQXCH3-3xWoaHN6CokZZO5fBG8vpAAJcZv-c1wPFhHmBHMq7gWB7xKKp_VuVPFprQwA-_X0nvWCF4DP-BgILddoC6DRqte8tfjzAPu77kHJFxxKDpQS4OrU5aMcZ7YWJFAndJms7rk6IqxAykZAi-enwh1q214howxhkEqMAnoEua18ye1WKkoMlJ3CNTW6GPduNur6VV&cid=CAASJeRo8-oh0nlzphBTJKcS8gfvWiUqu634aIHZE7n-p-xsNWdsxbE&dv3_ver=m202204130101&rfl=https%3A%2F%2Fwww.bunburymail.com.au%2F&ds=l&xdt=0&iif=1&idt=52&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:12:32 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 3CE6 25 KB
10 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 06:10:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3CE6 41 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
URL: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 15:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 15:35:01 GMT

GET
DATA 200
OK truncated
/ Frame 3CE6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d82a75b1f2f2ad10984cdfe8c9b4465d84c930f6c497b48efb94e2fd9a7c8c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 5 KB
2 KB 24ms
8ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a002921639e07f0b901c3d10e122339255af03a0886e551eb5cff117fbd07a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 94045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1516
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 04:06:31 GMT
expires: Wed, 19 Apr 2023 04:06:31 GMT
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3CE6 0
622 B 87ms
57ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-t7dHkndCIPSCG1aoYC6lDhnxv2BDyKYfS7uQ3xxCD6BH75pHSJDA7w7GA5bBx-laWKYxtXszNklp96tQaIZZn4uJALHV33gJhok4miGDKOlLJ_ZuAiMGBtaMNPKXKf-A6EbxgonetYuz2cV_ojs2fc-K5m3nOUHOcbPxT0OwRYgwHFo0MduSV557xe264FFhuGcBycjJVQ51A8Dq9CGjV1XkTIcWj3LzuZnTS0mtq-PvgEE0NqPgf1uUy4OtWMAi3sBQwSGEO6fvktoVtDZz35vXDRFoWlUahXwPx-mbVqh_Ui0iRT8_1IY7-lc8kw4R2PSW3y8nPwJVR4XZHIZsbSj-25MnKSLd4iL7r7xoTkJvE1WrVWRDZnRtyvpZ1xR9QOfyxjRn-XhycBHkb-qJV2hU9Lvm3Iqe2_J4U45xQ9HAQIJejG-vww3IqpOT0WyEzTFj8e1KXmOT_fIbMT0nl2RwQf4a83O7tpa29TIK7coqPvSkGMv71F4uPXNGeFa-I7W475T44c5L3idSFWkoDLjGsSZNTRw4IVfJ4Otwgj0s9-cAPHGYHESE1sdoP5Aw099p4nrkizsbsoeZqfGTSIT61fgI3quSvCepupUtxwGBYQIy2tJXawr4ujyCG7fEAQ4gLoI1PnQ9jXPktY2IbCPZyS7a6IoY-NcmhzGmtCA3IS4zN1GDCnVrf7RoGIaAuxx5pdPpCtTZlz2qEXXYFuMaI1qxN6UQOelMcvetDJ5u3RN1r1sW5R0X5G9gyoDoeTTKZDZNgwBf13C0P1mqK1-fHkoex1NmJLUlsVlZfcGzm-EshAlxHRdoJmz-ctkBFgcTome_fGw6m0Bkhn22lhB3YsDSO2vWNCf8vpQWGhL_tmzC36hbXpc_4KzztZnrqF47nsyvz5JeHJCnh2OSygnYUI2p8ld9xk8gzoPZJ5jEJBDIvL6Peb7q_7k2UB62MXI_yNAzsPS4zAFmfffk9EIhjDgi9EKARhn7dze13-0pV8WD4Ej-KE9YeWoDRFo1GfqtUiUDrEMw-p1v80PSmrwzmEmh4Kv6-AXjQYQtUmSmnwVikgqsjGXzFdfMHUlBbEksz-tEtSmOk7iV9smm0gzVRQXaAJ9yEXc0C6llSMaimGPtdp7MNxa0janolHEkH-dL-oGFtjVnoEtFFV5vdzpl75s0WKf2tQuJQOq7lp48nzFd_igg4Cf5jS1EkmeSSbjtjiPK6kffnSPKl-occ2SA-MLXsAxD9qYquyDQ1mcQUaihw7YuC7joXiLsQOAYJCFHtEs6oLmXQ3vcQHMc4aw73nJ3Q67dEgj8cWJNeP4OK4bs9T7CaiT_-7pF-tT0FxDxfCud4UhIX45X9SZY6dONX97W1T-en9WfGfA&sai=AMfl-YRrtw9l_f3KOrWLE37c5V1fg06fbci_DlcCBcgcxoe9OZB32xeqMhJEhWSXgyKcSy6RGtgYPcBcENsmhZilZk91y_yc_Eb1dnBoV7KA6xicpJQ1NCUIfN-MFg90HYqi2m5Cf3QQLSB3AX502p1gH92Jgy5FMTL8M_8x9SVnP0VvUgGzVqv8Lk3d3mhv1XxHSZ7kr7phvwTmBIJPRWjUngSvfpHzi9-VNyb0JbLGa3h7kGCp&sig=Cg0ArKJSzDbOszKtmwI0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=67&cbvp=1&cstd=64&cisv=r20220413.58478&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 20 Apr 2022 06:13:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9A3B 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 15:35:01 GMT
expires: Wed, 19 Apr 2023 15:35:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 2 KB
593 B 7ms
7ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4649022c1e430e604bd8920740177f5232d4a2a1092f94351e54ba5a6db6bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 18:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 564
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Apr 2023 18:23:55 GMT

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 1 KB
1 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/background.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8298887ec48e74ce99f322a40fc502ca42608dc8c10e72585fc491c074e896dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 18:23:55 GMT
x-content-type-options: nosniff
age: 215401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1410
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Apr 2023 18:23:55 GMT

GET
H3 200 pfeil.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/pfeil.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cbba68a69b3e301f29ef142894753d4de27bccfb75cbf916fa7e6e8003cea7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 11:42:17 GMT
x-content-type-options: nosniff
age: 153099
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1726
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 11:42:17 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 6 KB
6 KB 12ms
10ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/h1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89d247867a3b3c2510749c78834b41bc2e464e124da20fe7528dfefd0e59675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:02:07 GMT
x-content-type-options: nosniff
age: 238309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6164
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 17 Apr 2023 12:02:07 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 7 KB
7 KB 13ms
11ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/h2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1309d39e5a33ab51962c1c0d4ae1664f4c33ca11d55cc162d858ef5a1cb56ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 16:38:18 GMT
x-content-type-options: nosniff
age: 48938
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7006
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Apr 2023 16:38:18 GMT

GET
H3 200 bullet02.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 2 KB
2 KB 13ms
10ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/bullet02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b98eeaff464ae66763ab4db8f59fc71abf8811f468506ea79dd14c436d4967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 05:54:31 GMT
x-content-type-options: nosniff
age: 173965
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 05:54:31 GMT

GET
H3 200 bullet01.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 2 KB
2 KB 28ms
25ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/bullet01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f397df653bfab97b416b27ae109aa48ce37c70954bc1128055437226b1ebc1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:01:01 GMT
x-content-type-options: nosniff
age: 180775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1882
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:01:01 GMT

GET
H3 200 s21fe5g.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 16 KB
16 KB 24ms
21ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/s21fe5g.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cd4d24736a79c2eb6745e224165edf4016bbecab91f2a8a607dcc3556f27472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 05:58:57 GMT
x-content-type-options: nosniff
age: 173699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 05:58:57 GMT

GET
H3 200 buds2.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 8 KB
8 KB 16ms
13ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/buds2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a5621a7f63eb1ade6a0d745abf349f64c946ca23da4d22bff17ef70258a7882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:01:01 GMT
x-content-type-options: nosniff
age: 180775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8607
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:01:01 GMT

GET
H3 200 preis.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 3 KB
3 KB 27ms
24ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/preis.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e536d145bbb5b14f2c57e15b1d6ee88a1e81c234bad555f97c1640a06c8c63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:01:01 GMT
x-content-type-options: nosniff
age: 180775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2738
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:01:01 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 4 KB
4 KB 15ms
12ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10687df4d17a43eb63901428657cd355a8a70bb58df7dd3f573c972266c72c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 06:23:54 GMT
x-content-type-options: nosniff
age: 431402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4340
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Apr 2023 06:23:54 GMT

GET
H3 200 laufzeit.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 772 B
799 B 25ms
23ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/laufzeit.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

103316b29f55bb4098f2a339f26ae0b54009ac2e010982624bcb7698ee8a44d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 04:00:47 GMT
x-content-type-options: nosniff
age: 94389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Apr 2023 04:00:47 GMT

GET
H3 200 button.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 1 KB
1 KB 26ms
24ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/button.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24e9fe64d28c263f2fb8801338ac55aabfc0b6dbab641308af33267857f8a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:01:01 GMT
x-content-type-options: nosniff
age: 180775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1262
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:01:01 GMT

GET
H3 200 border.png
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 192 B
219 B 14ms
12ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/border.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07faa617cfb2a9cf77d9a06598ea37fa4c88cff217e7e73515318aa2fdbb9d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:01:01 GMT
x-content-type-options: nosniff
age: 180775
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Apr 2023 04:01:01 GMT

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame 438C 63 KB
23 KB 51ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7985073
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22890
timing-allow-origin: *
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-596a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT49LBwEmAd7spfqhxfCzcZdQmO29iw%2B7D%2BvSBg6XHEZ6LFAdHiCHzjcgAyabaKCv9O3HmuUJnhsrCidXjo%2Fok6W89eu1Ue6IC31nT6xQMGmWaKgoQlKdzOoY%2BqYmi1InJmnvWxpEdnA84M%2B159icVov"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6febbca15e890221-ZRH
expires: Mon, 10 Apr 2023 06:13:56 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/ Frame 438C 2 KB
503 B 8ms
8ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f22de62cb0a481042ace888d9e10bb0324da24ed6aa6c48b46d6f4c8b0adf8c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16594078999557070329/km_202203_S21FE-AF6GBLTE-2499_300x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 04:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94305
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 474
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 16:02:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Apr 2023 04:02:11 GMT

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A3B 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 05:33:00 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000678/module/ 503 B
667 B 16ms
15ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000678/module/singleAnimationOnFeed.js?e=2
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dc535156bc76bf20fb610662776dc38d6e0185d87f573e7ce3726d61782bfc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 11:27:02 GMT
server: AkamaiNetStorage
etag: "807ea85480c23cf225511877bfe8d0b0:1650292491.726257"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 339
expires: Wed, 20 Apr 2022 10:13:56 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 91ms
91ms Fetch
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=96f868ec74313a4abb9983886ebb1de6_46374_1650435235828&tm=1156&eT=0&widgetWidth=610&widgetHeight=0&widgetX=330&widgetY=2987&wRV=2000678&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=353&oo=true&ab=0&wl=0
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: gzip
X-TraceId: 6e9152bbe21dc6181aafb7a8234d1722
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 179ms
88ms Fetch
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=dc9a640d54e473439c3b162efc87cc1b_46374_1650435235995&tm=1161&eT=0&widgetWidth=610&widgetHeight=926&widgetX=330&widgetY=2987&wRV=2000678&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=353&oo=true&ab=0&wl=0
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: gzip
X-TraceId: 28314baca1165b9f289dcbc3ad8130dc
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjZiZDkzNDZhNmRlZDFiZTdkZmJlOGU4MmU0ODFhYWZhMjhkMTMwYzc3YTFhM2YzMzcwZjE3ZGNhM2ZlNzA5YTgiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 66 KB
67 KB 17ms
16ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZiZDkzNDZhNmRlZDFiZTdkZmJlOGU4MmU0ODFhYWZhMjhkMTMwYzc3YTFhM2YzMzcwZjE3ZGNhM2ZlNzA5YTgiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19b3349d4b003f3f3e6564ec49eb7e3bef3507c2c73f95c876ccc76ea3cfe619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
cache-control: max-age=2136818
last-modified: Tue, 08 Feb 2022 14:58:11 GMT
x-traceid: 48bb3623e245c067e319beee7dc95c54
timing-allow-origin: *
content-length: 67866
content-type: image/webp

GET
H2 200 eyJpdSI6IjM4YzA0MzI1MjBhZDhlMWYzYjk1MGZiNmQxZWUwMWZkMDNjODUyMWU3OGQwZDk5YWI1NTYwYTRkZGVlZDE4NzkiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjaCI6LTc0ODUzOTAxMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 59 KB
59 KB 34ms
33ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM4YzA0MzI1MjBhZDhlMWYzYjk1MGZiNmQxZWUwMWZkMDNjODUyMWU3OGQwZDk5YWI1NTYwYTRkZGVlZDE4NzkiLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjaCI6LTc0ODUzOTAxMCwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a18ce7c13256654557df4cb0e2f2fee41c5cbfc01652d5fd411bd2267a2172a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
cache-control: max-age=1977954
last-modified: Fri, 08 Apr 2022 08:12:32 GMT
x-traceid: cbcde14dbc27d00cbe5712d4e2687f86
timing-allow-origin: *
content-length: 60132
content-type: image/webp

GET
H2 200 eyJpdSI6IjI3YzA3Yzk5ZjI5NDVkZGJlOTEyNGU2NmM2ZWI4ODM1ZGU0ZTYzN2U4YTYzMzAyZDdkZDZmYTk5YTBmMDdlMTciLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 93 KB
93 KB 39ms
38ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI3YzA3Yzk5ZjI5NDVkZGJlOTEyNGU2NmM2ZWI4ODM1ZGU0ZTYzN2U4YTYzMzAyZDdkZDZmYTk5YTBmMDdlMTciLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3a8a1cb088c28bd3bdc4251c078504fa91744cc1efd5bcaf397c0386e63ca25b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
cache-control: max-age=1685472
last-modified: Mon, 24 Jan 2022 04:49:28 GMT
x-traceid: 024cf1a76e9c158fd77796fe1866ef10
timing-allow-origin: *
content-length: 94858
content-type: image/webp

GET
H2 200 eyJpdSI6IjI1ZmVjZjIxY2IzZWM4YWRhMDA5NGIzZTBjNDYyMjY4ODM5YThjMWNhNDllNDE3ZDNmMzU4ZjNhYTFjMTE2NjciLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 73 KB
73 KB 38ms
38ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI1ZmVjZjIxY2IzZWM4YWRhMDA5NGIzZTBjNDYyMjY4ODM5YThjMWNhNDllNDE3ZDNmMzU4ZjNhYTFjMTE2NjciLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1cca29e5b46d6dfcb9a47b03fb08e8a09180c126f6bafea983d16eef2dbeb735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
cache-control: max-age=1539656
last-modified: Tue, 29 Mar 2022 15:33:34 GMT
x-traceid: 4299259b8621c0ee585a95b89d57ec8f
timing-allow-origin: *
content-length: 74522
content-type: image/webp

GET
H2 200 eyJpdSI6IjBlMjIyMWRlMThhOTkwODNjNzMyYjU0OTE0NTU2OGI0NTY0YzU1OWZiMWRhMWI0NWFiNDMyYTdiZjhiODJhNDciLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 55 KB
55 KB 38ms
37ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBlMjIyMWRlMThhOTkwODNjNzMyYjU0OTE0NTU2OGI0NTY0YzU1OWZiMWRhMWI0NWFiNDMyYTdiZjhiODJhNDciLCJ3Ijo2MTAsImgiOjM4MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 053d6e205f4e8e0a7da3bd81eaa5382e110ea22f4c055c6f9b22422eae05247f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
cache-control: max-age=745048
last-modified: Thu, 17 Mar 2022 17:32:11 GMT
x-traceid: ff785c45ac729c22e1858a3d3c8714c4
timing-allow-origin: *
content-length: 55854
content-type: image/webp

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3CE6 0
26 B 75ms
43ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-t7dHkndCIPSCG1aoYC6lDhnxv2BDyKYfS7uQ3xxCD6BH75pHSJDA7w7GA5bBx-laWKYxtXszNklp96tQaIZZn4uJALHV33gJhok4miGDKOlLJ_ZuAiMGBtaMNPKXKf-A6EbxgonetYuz2cV_ojs2fc-K5m3nOUHOcbPxT0OwRYgwHFo0MduSV557xe264FFhuGcBycjJVQ51A8Dq9CGjV1XkTIcWj3LzuZnTS0mtq-PvgEE0NqPgf1uUy4OtWMAi3sBQwSGEO6fvktoVtDZz35vXDRFoWlUahXwPx-mbVqh_Ui0iRT8_1IY7-lc8kw4R2PSW3y8nPwJVR4XZHIZsbSj-25MnKSLd4iL7r7xoTkJvE1WrVWRDZnRtyvpZ1xR9QOfyxjRn-XhycBHkb-qJV2hU9Lvm3Iqe2_J4U45xQ9HAQIJejG-vww3IqpOT0WyEzTFj8e1KXmOT_fIbMT0nl2RwQf4a83O7tpa29TIK7coqPvSkGMv71F4uPXNGeFa-I7W475T44c5L3idSFWkoDLjGsSZNTRw4IVfJ4Otwgj0s9-cAPHGYHESE1sdoP5Aw099p4nrkizsbsoeZqfGTSIT61fgI3quSvCepupUtxwGBYQIy2tJXawr4ujyCG7fEAQ4gLoI1PnQ9jXPktY2IbCPZyS7a6IoY-NcmhzGmtCA3IS4zN1GDCnVrf7RoGIaAuxx5pdPpCtTZlz2qEXXYFuMaI1qxN6UQOelMcvetDJ5u3RN1r1sW5R0X5G9gyoDoeTTKZDZNgwBf13C0P1mqK1-fHkoex1NmJLUlsVlZfcGzm-EshAlxHRdoJmz-ctkBFgcTome_fGw6m0Bkhn22lhB3YsDSO2vWNCf8vpQWGhL_tmzC36hbXpc_4KzztZnrqF47nsyvz5JeHJCnh2OSygnYUI2p8ld9xk8gzoPZJ5jEJBDIvL6Peb7q_7k2UB62MXI_yNAzsPS4zAFmfffk9EIhjDgi9EKARhn7dze13-0pV8WD4Ej-KE9YeWoDRFo1GfqtUiUDrEMw-p1v80PSmrwzmEmh4Kv6-AXjQYQtUmSmnwVikgqsjGXzFdfMHUlBbEksz-tEtSmOk7iV9smm0gzVRQXaAJ9yEXc0C6llSMaimGPtdp7MNxa0janolHEkH-dL-oGFtjVnoEtFFV5vdzpl75s0WKf2tQuJQOq7lp48nzFd_igg4Cf5jS1EkmeSSbjtjiPK6kffnSPKl-occ2SA-MLXsAxD9qYquyDQ1mcQUaihw7YuC7joXiLsQOAYJCFHtEs6oLmXQ3vcQHMc4aw73nJ3Q67dEgj8cWJNeP4OK4bs9T7CaiT_-7pF-tT0FxDxfCud4UhIX45X9SZY6dONX97W1T-en9WfGfA&sai=AMfl-YRrtw9l_f3KOrWLE37c5V1fg06fbci_DlcCBcgcxoe9OZB32xeqMhJEhWSXgyKcSy6RGtgYPcBcENsmhZilZk91y_yc_Eb1dnBoV7KA6xicpJQ1NCUIfN-MFg90HYqi2m5Cf3QQLSB3AX502p1gH92Jgy5FMTL8M_8x9SVnP0VvUgGzVqv8Lk3d3mhv1XxHSZ7kr7phvwTmBIJPRWjUngSvfpHzi9-VNyb0JbLGa3h7kGCp&sig=Cg0ArKJSzDbOszKtmwI0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=199&vt=11&dtpt=132&dett=3&cstd=64&cisv=r20220413.58478&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3CE6 7 KB
5 KB 50ms
18ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6641df24c4c6946f2349ee64014021527650f928b9febcdbfd9244dddb88a7a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5512
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 24ms
23ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ACM_HEADER1&hp=1&wf=1&ra=5&sgs=6&vb=5&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1650435234390&de=102981113349&rx=120082439039&m=0&ar=bee2df476bf-clean&iw=0bc3758&q=5&cb=0&cu=1650435234390&ll=2&lm=0&ln=0&em=0&en=0&d=bunburymail.com.au%3AEmployers%20urged%20to%20embrace%20hybrid%20working%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=acmheader706032617774&fd=1&ac=1&it=500&pe=1%3A1469%3A1469%3A0%3A1782&fs=198121&na=291284502&cs=0
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:13:56 GMT

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
18 KB 47ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
etag: "7e1862f7a390ed9fc02c299216395547"
x-amz-request-id: 2TR2RRYMRD54RVTY
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: PuDDgzwCEreeWa9jCqxopTliCdGbSIFq3MMKdZKQttdHry9qD8vIXFkbsO/1owUimlj+TkooQmo=
x-served-by: cache-hhn4026-HHN
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1650435236.174670,VS0,VE0
date: Wed, 20 Apr 2022 06:13:56 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2316

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c119ca0792ed3a541fe7f3c0650358eafa5935bb1ea2111b60fd291c335e13de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: v9aHkbuBXo3+hkNgA0x5Vg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 20 Apr 2022 06:16:21 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 7mdvXH2LH2BmTrOaDd1uaAJrNXv1Lu53DoVX3RZgwl69A5tKhRRR/ACHePUJGRQuQOtkp2ND0pTzGdG9rPVK9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0f70999b5b8ca252a31b766d6c513016
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:56 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0f0547ed77c5a09ff1006824a0b84756"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 198ms
49ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF3) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:56 GMT
Content-Encoding: gzip
Age: 369
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:38:34 GMT
Server: ECS (mil/6CF3)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 83ms
34ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=012527284968046999840:wgocliuuvzk

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

092442af4e805b930b9c8c6db9994a6405500d60445842d7ab628587aa8caa09

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2934
x-xss-protection: 0
server: gws
expires: Wed, 20 Apr 2022 06:13:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 61ms
41ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041301&st=env

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97487ddbee837fc59e1c397d47ff0756545c5545ef90002e1a9a5184f5aa1a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10646
x-xss-protection: 0

GET
H2 200 optout_check Show response
beacon.krxd.net/ 83 B
243 B 123ms
30ms Script
text/javascript 54.76.30.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.fairfaxacm.kxjsonp_optOutCheck
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.30.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-30-252.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cf6a5c1e67f603913da93df4250532177860dc514e3cee57163343cd57941a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=26 t=1650435236
x-served-by: beacon-n023-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 limbik-video.js Show response
api.limbik.com/static/ 4 KB
2 KB 58ms
10ms Script
application/javascript 18.66.248.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.limbik.com/static/limbik-video.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-77.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: effd0e1493054852ddf2be0882223a632c130c04fed5b910072cdd93e5ad0bb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 04:29:22 GMT
content-encoding: gzip
last-modified: Mon, 21 Oct 2019 21:06:57 GMT
server: AmazonS3
age: 6276
etag: W/"27ebb0437ee541c2ced94fbb72e10f61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: zC7KrWk1_8LLGyeg0QPQediLd8nx5zE3IBHGMfvXHVBjMbtRM2aeuA==

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-au.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

7ms
7ms

Script
application/javascript

2600:9000:214f:8200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Server: 2600:9000:214f:8200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 19 Apr 2022 19:53:31 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 37226
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: AtyjraHoNGtI39lF85mA63A0p--aeTHfk9QlGqO0KQ1RzbAEe0veWQ==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Wed, 20 Apr 2022 06:13:56 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 ggcmb510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 49ms
8ms Script
application/javascript 2600:9000:214f:8200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 5mQc1Ku_dzLpxn5lb.bEWJPkM.D9PS0r
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Tue, 29 Mar 2022 13:42:22 GMT
server: AmazonS3
age: 1850
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 20 Apr 2022 05:43:07 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Y9aDoOahf04hliFPwfcVPDnvHvKzo-mSZspRazt8qafnaeRh3f6j9Q==

GET
H2 200 4pats6bj.js Show response
cdn.streem.com.au/ 38 KB
14 KB 1243ms
1111ms Script
text/javascript 34.117.86.212
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.streem.com.au/4pats6bj.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.86.212 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 212.86.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: eb74b089150390c22eb81f6f3e0063bd6819440a81066310a1b5429139defcb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:57 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtOoDCPgSOT7ccuUlmHaFAgM_i3vmwPm5IJe0xKPzH7Ha7JQS0bDhDnuhV6H1IMURyipGMli7hq3k2Lj38pF6xNJ-A8Yjhm
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13539
x-goog-meta-
last-modified: Tue, 10 Aug 2021 08:29:00 GMT
server: UploadServer
etag: "bd2b244ea961f952d897c86dfef42e4f"
vary: Accept-Encoding
x-goog-hash: crc32c=/SzeZw==, md5=vSskTqlh+VLYl8ht/vQuTw==
x-goog-generation: 1628584140376703
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=604800
x-goog-stored-content-length: 13539
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 27 Apr 2022 06:13:57 GMT

GET
H2 200 Tress.php
pixel.roymorgan.com/stats_v2/ 0
351 B 287ms
287ms Image
text/javascript 13.239.102.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.roymorgan.com/stats_v2/Tress.php?u=cvcyowszle&ca=20005251&a=5dcilmyo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.239.102.90 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-239-102-90.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: none
x-content-type-options: nosniff
server: Apache
x-powered-by: PHP/7.1.33
x-cache: MISS from pixel.roymorgan.com
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2042266299&t=timing&_s=2&dl=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Employers%20urged%20to%20embrace%20hybrid%20working%20%7C%20Bunbury%20Mail%20%7C%20Bunbury%2C%20WA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3611&pdt=5&dns=406&rrt=529&srt=330&tcp=24&dit=1783&clt=1783&_gst=1690&_gbt=1839&_cst=1444&_cbt=1671&_u=aCjAiUAjRAAAAE~&jid=&gjid=&cid=172446066.1650435234&tid=UA-16730067-41&_gid=1555094316.1650435234&gtm=2wg4i1KPMZ4JM&cd1=Bunbury%20Mail&cd2=lego1&cd3=news&cd4=national&cd5=article&cd6=Marion%20Rae&cd7=29032022&cd8=&z=956244672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 12:50:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62602
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2042266299&t=timing&_s=2&dl=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&ul=en-us&de=UTF-8&dt=Employers%20urged%20to%20embrace%20hybrid%20working%20%7C%20Bunbury%20Mail%20%7C%20Bunbury%2C%20WA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3611&pdt=5&dns=406&rrt=529&srt=330&tcp=24&dit=1783&clt=1783&_gst=1690&_gbt=1839&_cst=1444&_cbt=1671&_u=aCjAiUAjRAAAAE~&jid=&gjid=&cid=172446066.1650435234&tid=UA-61683903-1&_gid=1555094316.1650435234&gtm=2wg4i1KPMZ4JM&cd1=Bunbury%20Mail&cd2=lego1&cd3=news&cd4=national&cd5=article&cd6=Marion%20Rae&cd7=29032022&cd8=&cd35=301&cd36=0%20-%20499&cd47=&cd49=domestic&cd67=2022-03-29T00%3A32%3A15%2B08%3A00&cd68=AAP&z=1330865926

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Apr 2022 12:50:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62602
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 16ms
15ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.bunburymail.com.au%2F%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4azsEZ7JWWiCEpP%2F6puplsC0%3D&rs=1-HTLzQ%2BKASm48Xw%3D%3D&sc=1&os=1-MA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1650435234390&de=102981113349&rx=120082439039&cu=1650435234390&m=1739&ar=bee2df476bf-clean&iw=0bc3758&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4652&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1469%3A1469%3A0%3A1782&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=bunburymail.com.au%3AEmployers%20urged%20to%20embrace%20hybrid%20working%3A__page__%3A-&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=1060352592&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:13:56 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3CE6 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:56 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:56 GMT

GET
H/1.1 200
OK b2bc89fc76 Show response
bam-cell.nr-data.net/1/ 49 B
1 KB 510ms
491ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/b2bc89fc76?a=98320753&v=1215.1253ab8&to=ZldVNhRRDxBSBkFYXF8dcRcIUxUKXAsaQkZLR1wDSEMVDEEMUEIdR1tSFRUKEhdcF0xuV1RGVgsK&rst=3716&ck=1&ref=https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/&ap=29&be=1393&fe=3611&dc=1783&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1650435232520,%22n%22:0,%22f%22:529,%22dn%22:529,%22dne%22:935,%22c%22:935,%22s%22:943,%22ce%22:959,%22rq%22:959,%22rp%22:1289,%22rpe%22:1294,%22dl%22:1369,%22di%22:1783,%22ds%22:1783,%22de%22:1783,%22dc%22:3601,%22l%22:3611,%22le%22:3643%7D,%22navigation%22:%7B%7D%7D&fp=1468&fcp=1468&jsonp=NREUM.setToken
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:56 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Connection: keep-alive
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO%2FRzPI4j01e7qE7zU1wycKfPwvL9P0OmPWvQ66XKY%2B3JXr6vLdwXMz%2B5i386ZjMQAdePXB1pp1uzTKnfEgq5Us%2Fdny67t4WHHg2b6oiltVivHbbAST%2F2L1Y56F8WTXArVe4lrmg"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-allow-credentials: true
CF-Ray: 6febbca29f906901-FRA

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=bunburymail&zMoatAdUnit2=news&zMoatAdUnit3=nationalnews&wf=1&ra=3&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4azsEZ7JWWiCEpP%2F6puplsC0%3D&rs=1-HTLzQ%2BKASm48Xw%3D%3D&sc=1&os=1-MA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=970&gp=693.40625&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1650435234390&de=981634046672&rx=120082439039&cu=1650435234390&m=1810&ar=bee2df476bf-clean&iw=0bc3758&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=693.40625&lb=4652&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=84&vx=84%3A-%3A-&pe=1%3A1469%3A1469%3A3643%3A1782&as=0&ag=34&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=84&pf=0&ib=1&cc=0&bw=34&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=67&cd=0&ah=67&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbunburymail%2Fnews%2Fnationalnews_4&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=198121&na=1591025067&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:56 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:13:56 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8ed9df73ef447da0af3377e1c8c0a42a

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

340e1aa3a6ff20ba6d9e6713505140ab7d5134d8f91711ae8da7c3b0e18147c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.bunburymail.com.au/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: hhQtvl+ZU02IanWO0/Eyfg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 20 Apr 2023 05:27:01 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82865
x-fb-rlafr: 0
x-fb-debug: Ala+5Gdoxoxj+kgh6oVFRge0F71qRlB3fBzUWz/stlB79z41Arq8bPYu8UngaZ7M3gF8TVW9WML9THq81mKbtA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d8ee3a49f9b4ba5f73178cd7bd0593ce
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:56 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "44a132d44d6989a7f1953b55e0189478"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/3e1664f444e6eb06/ 303 KB
303 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 08:32:27 GMT
x-content-type-options: nosniff
age: 337289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 310042
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 16 Apr 2023 08:32:27 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/3e1664f444e6eb06/ 41 KB
41 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 08:32:27 GMT
x-content-type-options: nosniff
age: 337289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41765
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 16 Apr 2023 08:32:27 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 12ms
12ms Stylesheet
text/css 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 20 Apr 2022 06:38:48 GMT

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame FFAD 35 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 05:33:00 GMT

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 16ms
15ms Script
application/javascript 2600:9000:214f:8200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: Ba8xo6nXEW9E96H3VH5tDFxouWlth.CH
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Tue, 29 Mar 2022 13:42:22 GMT
server: AmazonS3
age: 398
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 20 Apr 2022 06:07:21 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: yCokUs4fH2kcVsdP-6nw5_d7NfY4v7FCWVe6VBxznv3LX1aEqn0j2A==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2FCA 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 21:23:26 GMT
expires: Wed, 19 Apr 2023 21:23:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4397 783 B
537 B 22ms
21ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2dd1e0806ca07af70a30fffade676419d85e6aa78e80576df43e008d88261ec3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+PSIqP5bKYUY7Bf3r1iG4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-+PSIqP5bKYUY7Bf3r1iG4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:56 GMT
expires: Wed, 20 Apr 2022 06:13:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A3B 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bmsl-o6RfYp6WM_LP7_UPjqqEKAAAAAA4AeAEAg&bg=!6eql6q7NAAZvJBiFTyQ7ACkAdvg8WkjXW6i3vkCRpe2S1FHu1o26LokowzdVBlEomdQ4JG_cXVf_cgIAAADlUgAAAAFoAQcKAG-NXBMRlENLvkEvlaOdbn4DrhjIaMtI4hXHbTWOk5fDzdy72EGxcdz2i7qsLUQXmzi0g7GuLKFRCC9fqBzwYsCmZZQfOaXOKqsN6-cu_RGJgxc0mtXGxnO3tHni0IJc66Euz57j1cZ3w71wzg4FJpWZAvz-PNmvbIXbSinuCMEoYiHJnIJ-uN_LqfvJS8JUt9TqiYLi1mp9IZIjfzmzhlVN6BYyIwzYAyi1KywHD9vc0w-7k3uzYvk_FFALavqpbQgHimkbACZ1Vpv1zO7x8jgErLNUFk6HHfUnLoY2aBvmVeTmEVMfOVBkctkUPCDl20LqQTmdZiRq4ZDBb_qzUBrA7wbq8zu6UFhimxp-utKqMLG35tsXO4IvPG9XNpXm07gbifp1sNFvPX-jWD4DgDD37_claveVpIz54Ef4pRbqJ1HfGshgTx2qROkf76QQLEVKKuIyPFUl2QhlWFpSPgRRybWQMgclNqX8Eue5LSXESqBi5bgsBukQicMCgukKk4_LccnLej2KOqWDMPX5TDZaQ1MSVaBCf0I-oSASf5T7y1DiDap04AZ0lVJaPzhhp1acYh9uU2kVNwt_wHzEdAlX6U8XQphGZh13Jsl-QUu_oz3qdHWze4AAbomfy1EUbKkNI3uuGXBjiSmVYSNo79djKTfSurasOuQ-CV99vOOU4VhcuOuA3y1SVrZUo9FB15xIpn0-bRB2oAzgiu8nf5Qk9UeiE3Bbrh1sJvQA_-rh9atNsMysJ6YjPQZLr-bVDNg2J7IkbvbWhbuUj4zhg9Ciq9FzEl8Dx9Or4wdplutzqdB49Wf-R266kxFKUaMyK_0XPurAY-ZTz7JHFiNF8sOUpuI70QYMaOiYp8ea1rfqOrueFXta-vcGkdzGugOPoohYSPX9bbznhMDePbbTqUm5hxn1lRUbTHFBrCnot190H25DdEvkbd4ddwZzIzZgDOE_Kp1B0IbHBwEh_fWz5WejYvw4-GXzT77ayevD0NokVN8yk85DdLGXy3jvDBFHU32aDm2lOTJ4FlyAmHJFp-HWTNmhMAyrDFfCSMSPdW0YNWziyw9-zs48ejap60mlmeaOpfJCmr6TLcLsbCLItjXr9F-3PSz-cCmp87ezN3J0ALHx1RvQyPrIHy54lEC0HCJEVYnPX6Fsto6d3ok2Ag

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 P39DFC5D7-56B5-4C85-BDA1-A6669302C21E.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 11ms
11ms Script
application/javascript 2600:9000:214f:8200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P39DFC5D7-56B5-4C85-BDA1-A6669302C21E.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 850a7fae38048a80a15d4f024fbb962d8dee6c305925bb82fbc8802c6d423956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 2S0buQpXGSHawKlrLbfBuWpaf3s4FuAI
content-encoding: gzip
etag: W/"92d420e8bca34f1ec81f3c42a1218911"
last-modified: Tue, 19 Apr 2022 03:16:11 GMT
server: AmazonS3
age: 1568
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Wed, 20 Apr 2022 05:47:49 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: XHqhM0tFlHdB818BiCmvCfzYwwJPIw8UCyg2kiqt5F7vVcoEGbwVWA==

GET
H2 200 / Show response
www.bunburymail.com.au/promotions/website_content_esov/ 13 B
437 B 326ms
326ms XHR
application/json 108.157.4.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bunburymail.com.au/promotions/website_content_esov/?view_type=STORY&limit=3&_=1650435234077

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-124.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

eeb85c2675888473ec64b7580aa0c76c6fd6b2bd51828870286ef202ad89dae2

Security Headers

Name	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
X-NewRelic-ID: XAADWFRTGwoIV1NSAAQE
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Referer: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Response headers

content-security-policy: child-src * blob:
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: DUS51-P2
date: Wed, 20 Apr 2022 06:13:56 GMT
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
vary: Cookie,Origin
content-length: 13
x-amz-cf-id: HSb2YHVUgkCFu-1pSSHveEDbo5KQH9FrZoWAhK1-MGmtwlWghkXElg==
expires: Wed, 20 Apr 2022 06:13:56 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 137 KB
50 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b28262a00acdef28dad40aca53ea3d6d58d1d5b294cdf895f6a628e96c5f5c16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "6432647522136957048"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Wed, 20 Apr 2022 06:13:56 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
178 B 42ms
6ms Image
text/plain 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 12:42:20 GMT
x-content-type-options: nosniff
age: 322296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 16 Apr 2023 12:42:20 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 49ms
7ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

/
www.facebook.com/login/ Frame FDBB
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e3553c089527%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

124ms
124ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e3553c089527%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D610%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8ed9df73ef447da0af3377e1c8c0a42a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 20 Apr 2022 06:13:56 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: G8ro/LhPN1qOM+w2G6gZRuf38e6pFz3vpnRKBd88gF7Ld3t/QAbybUkmOLirFypj0MbdVCkouSzCVOwq6FlWBQ==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 20 Apr 2022 06:13:56 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e3553c089527%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D610%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: UDQiNgAjmg7P/26WS4wZqsNyxbU/SyMuITpl1zn3T6X6kVu0EO01p9tooD5JN1oCeQTgC+V0fixVzdZbx79xjw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 5592
Redirect Chain

https://www.facebook.com/v2.3/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24dc799d48504%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

142ms
142ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df24dc799d48504%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8ed9df73ef447da0af3377e1c8c0a42a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 20 Apr 2022 06:13:56 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: mMovg3qmztHpdMo8RudyVdxmTgWQMaeHUskPT5KPq0AMR9Oy7zgYb2TW90J17io19nkI+dsdHSAYL48evbfpXw==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 20 Apr 2022 06:13:56 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df24dc799d48504%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: LMDyN3VQ3wrxIDZ1OTj99j147pTm9RAqelgBKrrn8fR7rTVtYXONdxxH3indzAfwzkOR7HU9LSlMh+Mml0Xm/g==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c119ca0792ed3a541fe7f3c0650358eafa5935bb1ea2111b60fd291c335e13de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: v9aHkbuBXo3+hkNgA0x5Vg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 20 Apr 2022 06:16:21 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 7mdvXH2LH2BmTrOaDd1uaAJrNXv1Lu53DoVX3RZgwl69A5tKhRRR/ACHePUJGRQuQOtkp2ND0pTzGdG9rPVK9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0f70999b5b8ca252a31b766d6c513016
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 20 Apr 2022 06:13:56 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0f0547ed77c5a09ff1006824a0b84756"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK aws-sdk-2.518.0.min.js Show response
sdk.amazonaws.com/js/ 2 MB
282 KB 55ms
11ms Script
application/javascript 65.9.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.amazonaws.com/js/aws-sdk-2.518.0.min.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aeb0726952dc3ab1980c871c4c639bf4ce444031b94f029c1e3c32ed4e03d140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Tue, 19 Apr 2022 07:24:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Aug 2019 18:24:23 GMT
Server: AmazonS3
Age: 82138
ETag: W/"30472bfe7efe0e2fea9a78f07cf13e44"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: QL-xHNLhxWn2ghU1t1djQICq5sL71NwNjmz54LQjXM6xwXdxcc_jDQ==

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame 3C7C 319 KB
104 KB 50ms
49ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.bunburymail.com.au
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF8) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 573708
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Wed, 20 Apr 2022 06:13:56 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 13 Apr 2022 12:15:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF8)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4397 0
0 55ms
55ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041301&jk=3384657605533584&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 storageframe.html Show response
secure-gl.imrworldwide.com/ Frame 0844 11 KB
4 KB 156ms
102ms Document
text/html 2600:9000:224a:3200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 06:13:56 GMT
etag: W/"623a1168-2b27"
last-modified: Tue, 22 Mar 2022 18:11:52 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
x-amz-cf-id: 363Ec4eEqLJbXoeTeo6OtACvNf0I_pjQQwD5eRZeFsxkAvetHZUa6g==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 194 KB
55 KB 8ms
8ms Script
application/javascript 2600:9000:214f:8200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6a02948be8e5e63277fd8aa74f7796824a553f94d4ddd2da72649b2db4d8d0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: LaI3bgJFKmjFiMIqcskrgsRPNVDoCjEs
content-encoding: gzip
etag: W/"6e735658822e2140abf2d7f08d51fdc8"
last-modified: Tue, 29 Mar 2022 13:42:22 GMT
server: AmazonS3
age: 2868
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 20 Apr 2022 05:26:09 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: bC3nASAmCXOeEFoLf-xHeZeopzfcJoESJwc8Pu03KhW3X5pzRm7q_w==

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FCA 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 05:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 05:33:00 GMT

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 9409 12 KB
4 KB 7ms
7ms Document
text/html 2600:9000:214f:8200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.bunburymail.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1583
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 20 Apr 2022 05:47:34 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Tue, 29 Mar 2022 13:42:22 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-id: bjxn2hUleb-R6L2e6ysuUx1Ul-SkSbNJVdhqBB5e3ufY21ulLDVWAQ==
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: R2mBDLPdj1BePEBHouDc59M0pIzpEWKh
x-cache: Hit from cloudfront

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3C7C 169 B
425 B 154ms
126ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d45f812dc5c4577567dc62fc5fbb341ea07f6fa4

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fwww.bunburymail.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-response-time: 113
date: Wed, 20 Apr 2022 06:13:56 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 06:13:56 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 7e36738f27c7953ee79b7d8042dde0734b3f0649766eb1c25e1fcd1b33c6597d
content-length: 143

GET
H2 200 tracking-script.js Show response
api.limbik.com/static/ 153 KB
39 KB 44ms
20ms Script
application/javascript 18.66.248.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.limbik.com/static/tracking-script.js
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-77.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a3ab3568b5bf4220fb3df0eff5b06ba73dafbea4fee60ebff8a98b21df67aa7

Request headers

Referer: https://www.bunburymail.com.au/
Origin: https://www.bunburymail.com.au
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:59:13 GMT
content-encoding: gzip
last-modified: Mon, 21 Oct 2019 21:06:57 GMT
server: AmazonS3
age: 26084
etag: W/"f87629eaca124c271d70c7b74c142577"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: PjvL-paprh1HdhsM6nZC5nzbE3KhEa4uTDA-GCXVK5zkDQg8sADokQ==
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)

GET
H3

200

/
www.facebook.com/login/ Frame 20D9
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df66d2df1269748%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fcon...

0
0

80ms
80ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df66d2df1269748%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8ed9df73ef447da0af3377e1c8c0a42a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 20 Apr 2022 06:13:56 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: x1xV6+4lOAAclfOQbdKErQsIiYpO88/QagF4r09sMPYEj/usmOyuMkCagX6a5NzB4b3HP/1De011QYY8yre32w==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 20 Apr 2022 06:13:56 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df66d2df1269748%2526domain%253Dwww.bunburymail.com.au%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.bunburymail.com.au%25252Ff29a56727393b34%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fpages%252FBunbury-Australia%252FBunbury-Mail%252F249784282359%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26small_header%3Dfalse
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: jErLfXY5fvWTSov389K0tUYhXK6tKcYJSNPY4SQGmsQHj19km/utGbpWZkCQ6WaxJ0J1mdTkPD1qYHOMSmHv+w==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
752 B 103ms
103ms Image
image/gif 2600:9000:224a:3200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1650435236691&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&sr=1600x1200&id=lstrg-24047f137c44ffcb062342c059df8bd4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: 8ymuKFBoCoR5nXh8OsELb5qC0feLJBZQrMgyauRwKgzeNCcce3dVhA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 9409 44 B
716 B 34ms
33ms Image
image/gif 34.252.59.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P39DFC5D7-56B5-4C85-BDA1-A6669302C21E&sessionId=fhukaozluvhajqne3jyupatgdlysm1650435236&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.618&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.59.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-59-158.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:56 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
fhukaozluvhajqne3jyupatgdlysm1650435236.nuid.imrworldwide.com/ Frame 9409 35 B
349 B 60ms
6ms Image
image/gif 2600:9000:2057:3000:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fhukaozluvhajqne3jyupatgdlysm1650435236.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:3000:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 03:20:10 GMT
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 10427
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: qmLwE8YpGawV35LhQwwuN7BZXuyM5uAIHCHIFHzQwVTurj8g6uVg1g==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2FCA 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ogBoYQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 06:13:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D9C0 42 B
64 B 46ms
46ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgdU3Aqilfs_wXlbu-ZeIcqx-5JRXp2VfEv4xrJI12Lz7OLCfGQo-NZfe7YAjxp9xZvoABMJs9ugLW7VRtM4wuamsNZ7ErF8dgKOakKJdDQo0RR8hlEA&sai=AMfl-YTsYg7prIAaIulnjKqzEHxVWwG_4btANp6njKj9np3EcZvgtZ8JV1rrY_OsYcCej7bACVnRMzvsOCLo6LlsODv3mJDJZtsnOXZZh2r-uxl-lbn2PwDDAdgtEuAH&sig=Cg0ArKJSzEi8eDX01IQTEAE&cid=CAASF-RoXwXqhEcEUtulQk20euHgSjNnbOGi&id=ampim&o=315,201&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1035&mtos=0,0,0,1035,1035&tos=0,0,0,1035,0&tfs=217&tls=1252&g=100&h=100&tt=1252&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3001441988

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.ipify.org/ 12 B
245 B 295ms
94ms XHR
text/plain 3.220.57.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.220.57.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-57-224.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 06c2e45403c8924d07778f5b0474a9c4654371d66f63ecfc65bfb7cf205c7550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Wed, 20 Apr 2022 06:13:57 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.bunburymail.com.au
Connection: keep-alive
Content-Length: 12

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3CE6 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUxgR-MD8kRxY2BXCshkebISKvgzkHJRAjHeV4rv7Cwd7YpuuZ98k6vhJT5SGnuuJyBR39ShJB6uXdw4XQ9cLF4Gpb4EVkKtMOZEhLU9UUXHROcvplKQ&sai=AMfl-YQJIPIgd_pEeYvEuYSZvuPrTOWGUEbT9wChjjiEsA2wP3jrIn2M4WPjdivHWktaws5lFHLdYKb4mXDkMvY4isIuZjDrLaRrGNW5WC_GFw8eZ1qsN4HcJ8gCCu6y&sig=Cg0ArKJSzILCHAuNMqndEAE&cid=CAASJeRo8-oh0nlzphBTJKcS8gfvWiUqu634aIHZE7n-p-xsNWdsxbE&id=lidar2&mcvt=1000&p=693,1229,733,1270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4109752419&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650435235655&rpt=304&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
13ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=bunburymail&zMoatAdUnit2=news&zMoatAdUnit3=nationalnews&wf=1&ra=3&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4azsEZ7JWWiCEpP%2F6puplsC0%3D&rs=1-HTLzQ%2BKASm48Xw%3D%3D&sc=1&os=1-MA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=970&gp=693.40625&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1650435234390&de=981634046672&rx=120082439039&cu=1650435234390&m=2881&ar=bee2df476bf-clean&iw=0bc3758&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=693.40625&lb=4652&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=84&vx=84%3A-%3A-&pe=1%3A1469%3A1469%3A3643%3A1782&as=1&ag=1107&an=34&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1107&kw=939&aj=1&pg=84&pf=84&ib=1&cc=1&bw=1107&bx=34&ci=1107&jz=939&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=939&cd=67&ah=939&am=67&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbunburymail%2Fnews%2Fnationalnews_4&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=198121&na=1480721053&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:13:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041301&jk=3384657605533584&bg=!b2ylbCjNAAZvJBiFTyQ7ACkAdvg8WoFT94PEbQlzLY-jGHO2MwytTaFBevN40Jr4jpTB5wDyjkCw7wIAAAGEUgAAAANoAQcKALXjp_AEJpg0E_q7LrNZG0Q1g7E-gfYsa5Rs798jvPEpyaBVz_DNhW_DH-8deWf4iuTyRUu2LP11jrB9y_FX_AHuBouGQWtyMBkpbJ7Ku-ZaJnuWeUjeqdo0EeyQGVNSvaeL9yW9FBhIyA1_21Q24YS2pPlEyrgUAHggxHRx5FaMx2Y9nuqyOdd7hurxE5VemRYRpF40XQYUdZ36fbx_IiALt-Vftic9yawGNGDYHam46z9vJPQPmQKjDpxsZFNDDPDM8fdpBoXhgXDxkGIop4pQJs7nAjTi3jLGDRYWGKhVGPb6jT4nH_zBStEyWMTIGFLNH8KLdMmlVnLwAbHbKYfLOkanN9EsJVcGaIdUnqmykP0tsvTsZ15ckDwLou7xN5vcmC4ot5y3ts5Nm4Fn7y56MyefQ6QkKZsYdSgS9z_a4Imv1Tqu838sp5hyIW_zFX0tOCQ0y_qS8gHEhS0nKJ_ycrVBjAle-iX6ZeluPr0HlXzQAGc1yeHgqXl74ZeXF2CbupNEqYwX-IbL0pdbsX7HQg7qFLLSWW3joQrrhjylTkL0XvVR9VFbh0Vy_jX3wnlALD0IH7vdUI8pTGKvIIifziRc0aehtzXNJGek8Oo1RMXcTSwG3BzeaKp7OAC2MQ0bwRKkO0QffGtU8mQ_kcqS_KVksr7kfMI5_wQJc3d5C-sGYqZIHmLy-mt-U11UdOpVwbwvzi7HaYdI-pyZuASAJjmkvrsg9ums_B94ARPiYKwoIapRNavZc0QPUqvozljmxoGWqwIBKxCpFWEP1_fBgaPO7SpKcOnyYeINvz4b6w1Y_Ivkzd9Ta19DMLq2c790RVhE77iKokVwo_DSc-swXql6wUfY2bKobtvAWDfLDgBrwzJGsyEG3bbD9ZEqAYal_xtIZoPdU5QQnRpWzQ8JjiZE9vvrLNDrTE1RRTAHOwTpJUNJQ1Ld-Vn6LOU3AUji-oYzB0YSO3wxvYzQ6RVAwMVY8OHPyVxG3B89s_9BI4ZcxB74otTBMr2OioUkfxjJhNJ6XWTcNPdPTRcrI-Y_HtM8m0Lx2h1Z-e-5sobe5x5jPDD6W5XJkLRJ0YTyXBpX8S-uhJDIomLFdAZqYMiSdOEXQK1znehjU9vNfRGwucyH9pEMjf1wkKa5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

OPTIONS
H2 200 tp2
plow.streem.com.au/com.snowplowanalytics.snowplow/ Frame 0
0 752ms
279ms Preflight 34.98.100.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://plow.streem.com.au/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.100.248 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.100.98.34.bc.googleusercontent.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bunburymail.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.bunburymail.com.au
access-control-max-age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 20 Apr 2022 06:13:58 GMT
server: akka-http/10.1.12
via: 1.1 google

POST
H3 200 tp2 Show response
plow.streem.com.au/com.snowplowanalytics.snowplow/ 2 B
19 B 311ms
303ms XHR
text/plain 34.98.100.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://plow.streem.com.au/com.snowplowanalytics.snowplow/tp2
Requested by: Host: www.bunburymail.com.au
URL: https://www.bunburymail.com.au/story/7677050/employers-urged-to-embrace-hybrid-working/?cs=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.100.248 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.100.98.34.bc.googleusercontent.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.bunburymail.com.au/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 20 Apr 2022 06:13:58 GMT
via: 1.1 google
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.bunburymail.com.au
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
596 B 33ms
33ms Image
image/gif 34.252.59.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_c131_Bunbury%20Mail%20-%20Other_S&asn=Bunbury%20Mail%20-%20Other&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=fhukaozluvhajqne3jyupatgdlysm1650435236&prv=1&c6=vc,c131&ca=NA&c13=asid,P39DFC5D7-56B5-4C85-BDA1-A6669302C21E&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,bunburymail&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,hnjb1wnramikr8uao9p3x3ymzlnoc1650435236&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16504352364945856&c30=bldv,6.0.0.618&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=7677050&c3=st,c&c64=starttm,1650435238&adid=7677050&c58=isLive,false&c59=sesid,&c61=createtm,1650435238&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&c66=mediaurl,&sdd=&c62=sendTime,1650435238&rnd=76497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.59.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-59-158.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:13:59 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 14ms
14ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=bunburymail&zMoatAdUnit2=news&zMoatAdUnit3=nationalnews&wf=1&ra=3&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4azsEZ7JWWiCEpP%2F6puplsC0%3D&rs=1-HTLzQ%2BKASm48Xw%3D%3D&sc=1&os=1-MA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=970&gp=693.40625&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&pl=0&f=0&j=&t=1650435234390&de=981634046672&rx=120082439039&cu=1650435234390&m=6900&ar=bee2df476bf-clean&iw=0bc3758&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=693.40625&lb=4652&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=84&vx=84%3A-%3A-&pe=1%3A1469%3A1469%3A3643%3A1782&as=1&ag=5126&an=1107&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1107&kw=939&aj=1&pg=84&pf=84&ib=1&cc=1&bw=5126&bx=1107&ci=1107&jz=939&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4958&cd=939&ah=4958&am=939&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4510077817%3A2232018435%3A4965809476%3A138351867137&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatSlotName=%2F21666581298%2Fbunburymail%2Fnews%2Fnationalnews_4&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=198121&na=603180966&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:14:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:14:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 17ms
17ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=5&sgs=6&vb=5&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=ACM_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-wkDxp4lKfRkj2QMKvovmHE5i7dy8ZWS4azsEZ7JWWiCEpP%2F6puplsC0%3D&rs=1-HTLzQ%2BKASm48Xw%3D%3D&sc=1&os=1-MA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=4652&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=4652&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&h=4&w=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.bunburymail.com.au%2Fstory%2F7677050%2Femployers-urged-to-embrace-hybrid-working%2F%3Fcs%3D12&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1650435234390&de=102981113349&rx=120082439039&cu=1650435234390&m=7101&ar=bee2df476bf-clean&iw=0bc3758&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1469%3A1469%3A3643%3A1782&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5178&cd=0&ah=5178&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=bunburymail.com.au%3AEmployers%20urged%20to%20embrace%20hybrid%20working%3A__page__%3A-&gw=acmheader706032617774&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=198121&na=1341276938&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bunburymail.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Apr 2022 06:14:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 20 Apr 2022 06:14:01 GMT

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.buscircle.com/	1970-01-20 11:12:51	Name: wp43385 Value: "XWWBYDs-ln-JhgmHJm-TTTV:VUUWJDtlnDl-TULA-VVTXDDDTKLCWXDgNssDDLFl-TULA-VVTXFJmWT_T^UZYTXWYVWV"
.bunburymail.com.au/	1970-01-20 04:36:51	Name: _gcl_au Value: 1.1.2106072761.1650435234
.adsrvr.org/	1970-01-20 11:12:51	Name: TDID Value: 32e18028-6796-467a-a936-9ae4e2d33b7e
.bunburymail.com.au/	1970-01-20 02:28:41	Name: _gid Value: GA1.3.1555094316.1650435234
www.bunburymail.com.au/	1970-01-20 11:56:03	Name: _cb Value: DCWrJxBrdSmDCF4Qyk
www.bunburymail.com.au/	1970-01-20 11:56:03	Name: _chartbeat2 Value: .1650435234380.1650435234380.1.BvX1e3BJ97wfyzu41mabNcDb2qcL.1
www.bunburymail.com.au/	1970-01-20 02:27:17	Name: _cb_svref Value: null
.bunburymail.com.au/	1970-01-20 02:27:15	Name: _dc_gtm_UA-16730067-41 Value: 1
.doubleclick.net/	1970-01-20 11:48:51	Name: IDE Value: AHWqTUl07FwkurzV9V083egbqXCYbFxrnHzFL9ZEBTHIPhSizywpWytUjpO89EN6DE8
.bunburymail.com.au/	1970-01-20 02:27:15	Name: _dc_gtm_UA-61683903-1 Value: 1
.bunburymail.com.au/	1970-01-20 04:36:51	Name: _fbp Value: fb.2.1650435234561.1606986367
.bunburymail.com.au/	1970-01-20 19:58:27	Name: _ga_7PC84FGF0J Value: GS1.1.1650435234.1.0.1650435234.60
.rubiconproject.com/	1970-01-20 11:12:51	Name: khaos Value: L276IXAU-6-GTRY
.rubiconproject.com/	1970-01-20 11:12:51	Name: audit Value: 1\|naVuGyos1qo6+Bu8Gmk+eUHau3iET1N0BmQvWiFCZkKsAHTXr+Vc7tTZTcKSqHT+YgQdRit9i2w1+05SrbNVvm6ZxmXPvKvYC8AbXmWgWlXDCi9KRbRe6g==
.bunburymail.com.au/	1970-01-20 19:58:27	Name: _ga Value: GA1.3.172446066.1650435234
.krxd.net/	1970-01-20 06:46:27	Name: _kuid_ Value: OyggHK5d
.bunburymail.com.au/	1970-01-20 11:48:51	Name: __gads Value: ID=a5ed3c59ec539629:T=1650435234:S=ALNI_MYGoIQ2MEzHJg7vK8vh_nlBt-l3Xg
.casalemedia.com/	1970-01-20 04:36:51	Name: CMPS Value: 5199
.casalemedia.com/	1970-01-20 02:28:41	Name: CMST Value: Yl+ko2JfpKMA
.adnxs.com/	1970-01-20 04:36:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>=iglqe!]tbPl1M>e)ZlrFUfJ+tGXxpWcVP!bT^#[6GT^N[ADLE8LyM'f_/$Ddx!K!F3If)y3KL9D3I?+Aim`kD
.adnxs.com/	1970-01-20 04:36:51	Name: uuid2 Value: 2378268975783380180
.casalemedia.com/	1970-01-20 11:12:51	Name: CMID Value: Yl.ko91a0296pfmGd7fn0AAA
.casalemedia.com/	1970-01-20 04:36:51	Name: CMPRO Value: 1172
.casalemedia.com/	1970-01-20 11:12:51	Name: CMRUM3 Value: 2d625fa4a32760CAESECbidt7z5kf9zO4NagZenHI
.facebook.com/	1970-01-20 19:58:27	Name: sb Value: pKRfYvcmnR2QGt7aMuuZkOiC
.imrworldwide.com/	1970-01-20 11:48:51	Name: IMRID Value: 0f989ca0-c071-11ec-881e-bb448461111f
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: ede6e3ca90b2db6e
.facebook.com/	1970-01-20 04:36:51	Name: fr Value: 08RAdrFpuVUdZ2mhp..BiX6Si.oq.AAA.0.0.BiX6Sk.AWU7j7AtLqc
www.bunburymail.com.au/	1970-01-21 13:29:39	Name: uid Value: 166fe6bb-b7dc-4100-892c-04c246f342d4
www.bunburymail.com.au/	1970-01-20 02:27:17	Name: _sp_ses.69ff Value: *
www.bunburymail.com.au/	1970-01-20 19:58:27	Name: _sp_id.69ff Value: c0518239-f3ce-4e97-81c9-ba0c5a64e540.1650435237.1.1650435237.1650435237.3ae94773-58d5-4561-8f85-7b4426b92096

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js(Line 118) Message: Unrecognized feature: 'attribution-reporting'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	child-src * blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0c40ec2357614c96676d7f79308a29e3.safeframe.googlesyndication.com
a.teads.tv
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.google.com
api.ipify.org
api.limbik.com
api.rlcdn.com
api.solutionshindsight.net
as-sec.casalemedia.com
bam-cell.nr-data.net
beacon.krxd.net
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.krxd.net
cdn.streem.com.au
cdnjs.cloudflare.com
clients1.google.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
cse.google.com
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
fhukaozluvhajqne3jyupatgdlysm1650435236.nuid.imrworldwide.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
images.outbrainimg.com
js-agent.newrelic.com
js-sec.indexww.com
marketing.buscircle.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mb.moatads.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
odb.outbrain.com
origami.secure.ownlocal.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.roymorgan.com
platform.twitter.com
plow.streem.com.au
px.moatads.com
s0.2mdn.net
sdk.amazonaws.com
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.solutionshindsight.net
stats.g.doubleclick.net
survey.survicate.com
surveys-static.survicate.com
syndication.twitter.com
t.teads.tv
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.bunburymail.com.au
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
104.244.42.72
104.79.89.16
108.157.4.124
108.157.4.48
108.157.4.65
13.239.102.90
142.250.184.194
142.250.185.194
142.250.186.38
142.250.186.98
151.101.130.133
151.101.14.132
151.101.2.137
151.101.66.133
162.247.243.146
18.170.16.189
18.66.248.77
184.31.84.150
185.33.221.50
204.237.133.116
207.189.124.9
23.35.229.181
23.35.236.247
23.35.237.151
23.35.237.86
2600:9000:2057:3000:1d:667e:2a40:93a1
2600:9000:214f:8200:2:42d9:3100:93a1
2600:9000:224a:3200:1e:a43d:b640:93a1
2600:9000:2315:c600:18:1fcd:34f:cdc1
2602:803:c003:200::41
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:801::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c09::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a0b:4d07:102::1
2a0b:4d07:1::1
3.220.57.224
34.117.86.212
34.120.133.55
34.252.59.158
34.96.77.232
34.98.100.248
35.71.131.137
52.208.32.237
54.208.44.81
54.76.30.252
65.9.7.13
70.42.32.255
92.122.144.28
053d6e205f4e8e0a7da3bd81eaa5382e110ea22f4c055c6f9b22422eae05247f
0646ca280b3289369e48cbb69c7988e6754936d22edaf7a6280f4a6954281acd
06c2e45403c8924d07778f5b0474a9c4654371d66f63ecfc65bfb7cf205c7550
07faa617cfb2a9cf77d9a06598ea37fa4c88cff217e7e73515318aa2fdbb9d74
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
092442af4e805b930b9c8c6db9994a6405500d60445842d7ab628587aa8caa09
0a5621a7f63eb1ade6a0d745abf349f64c946ca23da4d22bff17ef70258a7882
0af3cf517b81c423745f3492c52555abc85cbc7798d721b333f1d2a87e794cdc
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
103316b29f55bb4098f2a339f26ae0b54009ac2e010982624bcb7698ee8a44d5
10687df4d17a43eb63901428657cd355a8a70bb58df7dd3f573c972266c72c54
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1309d39e5a33ab51962c1c0d4ae1664f4c33ca11d55cc162d858ef5a1cb56ba1
1580b72c630fcf80cda946929d9c3b3ad7911392b35b3caa08f49ef87ffbbb32
19b3349d4b003f3f3e6564ec49eb7e3bef3507c2c73f95c876ccc76ea3cfe619
1a18ce7c13256654557df4cb0e2f2fee41c5cbfc01652d5fd411bd2267a2172a
1cca29e5b46d6dfcb9a47b03fb08e8a09180c126f6bafea983d16eef2dbeb735
1d9b7f18672377ecefa3d899825b376e38ae295ca7325b1b51cfa715a38b267b
1de5da3906898af32b1d914048c6df2c1cba2c756a4ba72dcb4308dd02e12cac
1e63ce2cd90b5a7afcd2d6f962083c887bcf442c46987aaf5ba719ca23591881
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
21d213c9eb95ea5a13b575d72f101fda45ab6413596423662e4933c3e6f8e3aa
21e44cf4e4be86fff7059242b352bafc262cda37d5902c403981d2768152e7cb
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29d250650b4dacb1953518c92e8a05c439653fc40f088a4daa6a8542cc58f3d7
2a3ab3568b5bf4220fb3df0eff5b06ba73dafbea4fee60ebff8a98b21df67aa7
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dd1e0806ca07af70a30fffade676419d85e6aa78e80576df43e008d88261ec3
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32be1dbab85786857f0e3ed7ee5b1dcf18f99186872f87ff5e858ec0ff6cb74c
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
340e1aa3a6ff20ba6d9e6713505140ab7d5134d8f91711ae8da7c3b0e18147c5
34604ba39b93517852a6a2239fca2a8ef5454ef608d91dfdba2413a5c03c9ef5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
362e1eca80b8e732663de5a65603a7a0c85c2deb8840cfd33f61ea14a88867ff
39ce831c2d42884a6bc694df10253f7d52b9e6c18c9e92b7ee5b00ba7ad0c14d
3a8a1cb088c28bd3bdc4251c078504fa91744cc1efd5bcaf397c0386e63ca25b
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3f466703ee5d07a0980d05f205a4f09fb9ba509db286b6d7038d3da5cd350224
3fd71f5e1b6d4dbfa202669bbc69f8065462802b01b7a438518f1c5e3ff9547a
404b904f1d21059e43c8d5a2a5588c301310a2df08ba601c99096454277455a9
42bdbdbda85dbbc06e94cf5488f75f516f94e6559641fc273045ab0b26cbf067
495a25bc34fa5587f34b986afa47450cfcf14a44e75702f77986d872f38ffc3f
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a0e1613fe6d7a573512793140e18b12e2deab996d0f03f186a6b3a15153728b
4abe9cdc849179867d36f46e63d86bfad9f88012a023889526f75df42ebcd8bf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
4d475c17e726c1eecf3e22020783b892ebb3cd2f55a9c80ce57eb31806a632cf
5021e624e752b001ce3e3846e8f158ed4aeb93a4c9a72fdb35a0c5b14a0eea84
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5133f0eac95271b119957cb2b775b64c2591bd07fc1af3550f6e0671d3283d15
513db1539e2636a80095ea5400aba7f55aa44b4d78eb0440cc87b6d693cf6090
5398492ba71b1db434c6dcc2a42743e0a4d4da01a83766e94f8930b7953027ad
53c3b920b8c03038f8385ad513a3a6658dfe3fb63bbb8ac52fba7525b27b92eb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59ce26c6f1ceac2137ebdf8e3827b8f110d569ecc4323aded2026048ebca2d7d
5a57cecd2bf4d6d3b8498c67487333f6dc9e102371f5e48ffc7fcf18a6e8487e
5b1d5e1814ff545214df01acbe67b26df8bde70575ac0bd272433c838791b535
5b906fc46b61702ca44065496615da1c589eed624c4ddaf7862f1bd9fd8ab22c
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5ea13c23b63db24ff053b28f2ea7309ab98230d14479cf23f1a84fc12cadac38
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6108edbc1f5214af071c67c83109f7537844742f184c70e53eec990a9ee531d9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
6641df24c4c6946f2349ee64014021527650f928b9febcdbfd9244dddb88a7a9
66fc96e9da69fb6dc010c59603c13e25a21db557b32afa5ae065108ec0e510ef
683755df284c52999ee1fa0446d6afebe418bac8e820023b6087728ddfc7d5e1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b94468447d78653525d753177d44791f13e0520dfad5042b12cbf96011d7227
6c3a26194f567a4aa5162cb5d6bea0ab263f91eb39b59237576c7f74e116fe99
6c5caabb3d7795e7e2344ef4950a455075b9d4345d313e8c9605a779b51199bc
6cbba68a69b3e301f29ef142894753d4de27bccfb75cbf916fa7e6e8003cea7b
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6f1f9ec4e2325dd79fe242e37ecbe16b2f35229e06e56db19552e82ed0168c63
6f397df653bfab97b416b27ae109aa48ce37c70954bc1128055437226b1ebc1b
6fee79a548d63412b539dab8577bdf1d04730ca61b1d5496b3ca2711b54352fc
70fbf13b7e78b769a618e595d9add29172e4b149b3988a5d35b75dcde514d44b
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7567ab4fbd2c87002df2af4eb0199cc67f27b6c53135c6928ee893173f3a48f4
7d6059742336715d8752a4bde025df230f73ce3e64d28fdedbf049c1e6f58f74
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
80f16f6cc6ad09222b82ead9d638ce890ccebcf88a91984d9527b0537b48d524
8298887ec48e74ce99f322a40fc502ca42608dc8c10e72585fc491c074e896dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84090c263e0f79c47ea50c29ad48d787a88b729b9afaac719393065918f459c9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850a7fae38048a80a15d4f024fbb962d8dee6c305925bb82fbc8802c6d423956
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52
8cd4d24736a79c2eb6745e224165edf4016bbecab91f2a8a607dcc3556f27472
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8ed1767bbd23629c2bf63fe4e7b5f088cd0e66612a4756e7e66b97de61947272
8f1828064e1094da107203d0cd2b5fed8a387c6d438a1903b4aa71f2232be226
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97487ddbee837fc59e1c397d47ff0756545c5545ef90002e1a9a5184f5aa1a47
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
97e6cb1fdafffeb910b83f05480aa133ba545beca77ba4316fd197995395cf55
98dde543eb20ec2cdf516a9eb7a9ab576a1f3d6de83f72a7ef46f139e1ef13e1
9c0f46cbb80e6fe12b40e49ecd795911837061ee091386648b197d7011e9d563
9e536d145bbb5b14f2c57e15b1d6ee88a1e81c234bad555f97c1640a06c8c63a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a002921639e07f0b901c3d10e122339255af03a0886e551eb5cff117fbd07a37
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f770e5189bda45f48850960cf778982b4dbc71e8a572724d961c7a786823b2
a24e9fe64d28c263f2fb8801338ac55aabfc0b6dbab641308af33267857f8a87
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8ac8ce1153b5e1594c38e18e85419ab20398b420eb3a41e83d10efe18d59fa8
a9a2ea9b71197c5f55e1549e2f7bffe76bcc29af8fe0c7914a4a2f814a27d2c4
ac599cab7a6a51e6e395574068dd128024e576e2647eb57a3123eed0c051143d
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
aeb0726952dc3ab1980c871c4c639bf4ce444031b94f029c1e3c32ed4e03d140
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
b003d841f1cbfd8defb000569a4d2e00d8c6b52c1e4e52fb20ec1d740c974f98
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28262a00acdef28dad40aca53ea3d6d58d1d5b294cdf895f6a628e96c5f5c16
b4cf07064913b074032756a37eaf17f1914e788aa4ff7df70b6118ab5c90c82f
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
ba7429878d565939b7404fb90c830c64c96d490a6c5456de8cf2ab1c8ab41dfa
bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0
bc943dbb3fd97cb79984703e5585d260066797ffbf821d874511c3ecaf1d4c85
bdd7e17fcbd2d9a275ec8ffbca29f2af5eb51223697d35e7214640b90ef33183
c119ca0792ed3a541fe7f3c0650358eafa5935bb1ea2111b60fd291c335e13de
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c64708b30ca94141585b193641d4bbeb6104545fce3692eebcc8d2cfa066dfac
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
caad48abaa3ee24e32068478cdb04c6bca7e1e140068295cdb5bb6c22a456663
cb9379e97b59dc280578ef82284d5fabe2d798ca624c4169dff8b6727afc556f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6a5c1e67f603913da93df4250532177860dc514e3cee57163343cd57941a1e
d2f1aee1a9cd7957dea20305e185de71cc8b5b36c3652e93b658ccde0dcb5c06
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d4649022c1e430e604bd8920740177f5232d4a2a1092f94351e54ba5a6db6bbb
d6a02948be8e5e63277fd8aa74f7796824a553f94d4ddd2da72649b2db4d8d0c
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8
d82a75b1f2f2ad10984cdfe8c9b4465d84c930f6c497b48efb94e2fd9a7c8c4a
d89d247867a3b3c2510749c78834b41bc2e464e124da20fe7528dfefd0e59675
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db467146b71336f602c1f73aa38765ea43c3c1f3cded095a1389665e640af4b0
dbd235c6a0e9016a2a4e97a56229a30942117da92628bf7a0c24fb3a5b5b9ab9
dc535156bc76bf20fb610662776dc38d6e0185d87f573e7ce3726d61782bfc25
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
e1520323683aaef1a6ba78f345b2ef3e04b77a2d57b8830845842e3da498f1ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e447616904a793ce8ee1467f09127bfc8f0f2e0808beaeb816e7d171331150c7
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e6b98eeaff464ae66763ab4db8f59fc71abf8811f468506ea79dd14c436d4967
e75899d5aa4ae5a6c117092f2979096d115e2baef29137be856f473aba45d8c6
eb3625adb6da06ded2113216ee629174aebd1ffc04427846b96d5907fcecd53c
eb74b089150390c22eb81f6f3e0063bd6819440a81066310a1b5429139defcb6
eeb85c2675888473ec64b7580aa0c76c6fd6b2bd51828870286ef202ad89dae2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effd0e1493054852ddf2be0882223a632c130c04fed5b910072cdd93e5ad0bb5
f067779c6d65d088018e6153072088c335c178a4bf4a3398b1faee6c8e291a87
f22de62cb0a481042ace888d9e10bb0324da24ed6aa6c48b46d6f4c8b0adf8c1
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6da03e0fbbac6ea572f250e2edb06ca2d6a0ec574191e8c7053e2f65a425496
f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
f9ded48ca70a7c033c5cf8bee7919077218d8da5b9452eb4bfb36a3fc46661ad

www.bunburymail.com.au Open in urlscan Pro 108.157.4.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

231 Requests

97 %HTTPS

46 %IPv6

43 Domains

77 Subdomains

70 IPs

9 Countries

4203 kBTransfer

12485 kBSize

31 Cookies

25 Outgoing links

Page URL History

Redirected requests

231 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bunburymail.com.au Open in urlscan Pro
108.157.4.124 Public Scan

Screenshot
Live screenshot

Full Image

231
Requests

97 %
HTTPS

46 %
IPv6

43
Domains

77
Subdomains

70
IPs

9
Countries

4203 kB
Transfer

12485 kB
Size

31
Cookies

231 HTTP transactions
13 data transactions