urlscan.io logo urlscan.io
SecurityTrails logo

fantasy.afl.com.au Open in urlscan Pro
2600:9000:206f:ee00:4:b9ed:89c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fantasy.afl.com.au/
Effective URL: https://fantasy.afl.com.au/
Submission: On March 08 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 7 countries across 28 domains to perform 98 HTTP transactions. The main IP is 2600:9000:206f:ee00:4:b9ed:89c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is fantasy.afl.com.au.
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on March 25th 2020. Valid for: a year.
This is the only time fantasy.afl.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::729 54113 (FASTLY)
4 2a02:26f0:710... 20940 (AKAMAI-ASN1)
4 54.66.166.227 16509 (AMAZON-02)
4 151.101.112.176 54113 (FASTLY)
2 2a03:2880:f04... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 7 34.249.46.6 16509 (AMAZON-02)
2 5 54.77.118.208 16509 (AMAZON-02)
4 2600:9000:218... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 54.77.35.96 16509 (AMAZON-02)
2 15.237.136.106 16509 (AMAZON-02)
1 1 54.171.42.33 16509 (AMAZON-02)
1 13.226.159.36 16509 (AMAZON-02)
1 34.217.2.156 16509 (AMAZON-02)
2 10 142.250.185.226 15169 (GOOGLE)
10 10 151.101.114.49 54113 (FASTLY)
1 1 184.30.24.198 16625 (AKAMAI-AS)
1 2600:9000:211... 16509 (AMAZON-02)
1 1 52.57.150.20 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
1 2 184.30.20.241 16625 (AKAMAI-AS)
1 2 37.252.173.62 29990 (ASN-APPNEX)
1 2 35.244.159.8 15169 (GOOGLE)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 185.94.180.126 35220 (SPOTX-AMS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
98 39
11    2600:9000:206f:ee00:4:b9ed:89c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
fantasy.afl.com.au
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
4    2a02:26f0:7100:491::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
4    54.66.166.227 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-166-227.ap-southeast-2.compute.amazonaws.com
medrx.telstra.com.au
4    151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
2    2a03:2880:f045:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    34.249.46.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
5    54.77.118.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
secure-au.imrworldwide.com
4    2600:9000:2182:3200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.77.35.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-96.eu-west-1.compute.amazonaws.com
telstra.demdex.net
2    15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
infos.telstra.com.au
1    54.171.42.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    13.226.159.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-36.dus51.r.cloudfront.net
bee.imrworldwide.com
1    34.217.2.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
m.stripe.com
10    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
www.googletagservices.com
10    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
rtd.tubemogul.com
rtd-tm.everesttech.net
sync-tm.everesttech.net
1    184.30.24.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-198.deploy.static.akamaitechnologies.com
image5.pubmatic.com
1    2600:9000:211e:4400:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
lkzi1q4jbbs2u8umlgeptngaxuliv1615222852.nuid.imrworldwide.com
1    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ps.eyeota.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
us-u.openx.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
11    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
18 googlesyndication.com
pagead2.googlesyndication.com
1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
tpc.googlesyndication.com
104 KB
11 doubleclick.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
129 KB
11 imrworldwide.com
secure-au.imrworldwide.com
cdn-gl.imrworldwide.com
bee.imrworldwide.com
lkzi1q4jbbs2u8umlgeptngaxuliv1615222852.nuid.imrworldwide.com
68 KB
11 afl.com.au
fantasy.afl.com.au
991 KB
10 everesttech.net
cm.everesttech.net
rtd-tm.everesttech.net
sync-tm.everesttech.net
2 KB
8 demdex.net
dpm.demdex.net
telstra.demdex.net
11 KB
6 telstra.com.au
medrx.telstra.com.au
infos.telstra.com.au
22 KB
4 google.com
adservice.google.com
www.google.com
720 B
4 google-analytics.com
www.google-analytics.com
37 KB
4 stripe.com
js.stripe.com
m.stripe.com
58 KB
4 adobedtm.com
assets.adobedtm.com
112 KB
3 gstatic.com
fonts.gstatic.com
50 KB
3 googletagservices.com
www.googletagservices.com
81 KB
2 google.de
adservice.google.de
www.google.de
272 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 openx.net
us-u.openx.net
470 B
2 adnxs.com
ib.adnxs.com
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 pubmatic.com
image5.pubmatic.com
image2.pubmatic.com
2 KB
2 facebook.com
www.facebook.com
487 B
2 googletagmanager.com
www.googletagmanager.com
70 KB
2 facebook.net
connect.facebook.net
62 KB
2 googleapis.com
fonts.googleapis.com
1 KB
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 eyeota.net
ps.eyeota.net
418 B
1 tubemogul.com
rtd.tubemogul.com
267 B
1 stripe.network
m.stripe.network
12 KB
1 sentry-cdn.com
browser.sentry-cdn.com
16 KB
98 28
Domain Requested by
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
fantasy.afl.com.au
1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
11 fantasy.afl.com.au 1 redirects fantasy.afl.com.au
8 sync-tm.everesttech.net 8 redirects
7 dpm.demdex.net 1 redirects fantasy.afl.com.au
5 pagead2.googlesyndication.com fantasy.afl.com.au
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
fantasy.afl.com.au
5 secure-au.imrworldwide.com 2 redirects fantasy.afl.com.au
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 cdn-gl.imrworldwide.com fantasy.afl.com.au
secure-au.imrworldwide.com
cdn-gl.imrworldwide.com
4 medrx.telstra.com.au fantasy.afl.com.au
medrx.telstra.com.au
4 assets.adobedtm.com fantasy.afl.com.au
assets.adobedtm.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.google.com 1 redirects 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
3 www.googletagservices.com medrx.telstra.com.au
securepubads.g.doubleclick.net
1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
3 cm.g.doubleclick.net 2 redirects fantasy.afl.com.au
3 js.stripe.com fantasy.afl.com.au
js.stripe.com
2 googleads.g.doubleclick.net 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
2 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sync.search.spotxchange.com 1 redirects fantasy.afl.com.au
2 us-u.openx.net 1 redirects fantasy.afl.com.au
2 ib.adnxs.com 1 redirects fantasy.afl.com.au
2 dsum-sec.casalemedia.com 1 redirects fantasy.afl.com.au
2 infos.telstra.com.au fantasy.afl.com.au
2 www.facebook.com fantasy.afl.com.au
2 www.googletagmanager.com fantasy.afl.com.au
2 connect.facebook.net fantasy.afl.com.au
connect.facebook.net
2 fonts.googleapis.com fantasy.afl.com.au
tpc.googlesyndication.com
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 image2.pubmatic.com fantasy.afl.com.au
1 pixel.rubiconproject.com fantasy.afl.com.au
1 ps.eyeota.net 1 redirects
1 lkzi1q4jbbs2u8umlgeptngaxuliv1615222852.nuid.imrworldwide.com fantasy.afl.com.au
1 image5.pubmatic.com 1 redirects
1 rtd-tm.everesttech.net 1 redirects
1 rtd.tubemogul.com 1 redirects
1 m.stripe.com m.stripe.network
1 m.stripe.network js.stripe.com
1 bee.imrworldwide.com secure-au.imrworldwide.com
1 cm.everesttech.net 1 redirects
1 telstra.demdex.net fantasy.afl.com.au
1 browser.sentry-cdn.com fantasy.afl.com.au
98 44
Subject Issuer Validity Valid
*.afl.com.au
Trusted Secure Certificate Authority 5		 2020-03-25 -
2021-03-25		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-09-30		 9 months crt.sh
medrx.telstra.com.au
QuoVadis Global SSL ICA G2		 2020-09-03 -
2021-10-02		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-01-19 -
2021-05-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
infos.telstra.com.au
DigiCert SHA2 High Assurance Server CA		 2020-07-20 -
2021-10-27		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-20 -
2021-05-04		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon		 2020-06-26 -
2021-07-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-03 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
*.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://fantasy.afl.com.au/
Frame ID: DD97C649CC7708286F7F9D91F9559B12
Requests: 56 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-8dc667e22429e9795dce1a8237a76325.html
Frame ID: 480B5D59FC30D20646CA8E36A67B0C00
Requests: 2 HTTP requests in this frame

Frame: https://telstra.demdex.net/dest5.html?d_nsid=0
Frame ID: 91A96F69042ED2494CEE89BD614DD601
Requests: 13 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D04707C54D70A60169310984601BD881
Requests: 2 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 98DDCDD02136C7F9E6F1496167B30A1C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 50C57398F36061A9A4C47AEA0BB39CAE
Requests: 2 HTTP requests in this frame

Frame: https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 4F7172F807EED106BAE45463CC473EC3
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
Frame ID: 7211712BEFF48E00CD61605182FEED12
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 41777A97AEE1ACC2618121D67652B92F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://fantasy.afl.com.au/ HTTP 301
    https://fantasy.afl.com.au/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

98
Requests

100 %
HTTPS

55 %
IPv6

28
Domains

44
Subdomains

39
IPs

7
Countries

1826 kB
Transfer

5997 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fantasy.afl.com.au/ HTTP 301
    https://fantasy.afl.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1615222851164 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1615222851164
Request Chain 20
  • https://secure-au.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 30
  • https://cm.everesttech.net/cm/dd?d_uuid=64852767245849908402381415993328306619 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEZYQwAAAFzEmAHZ
Request Chain 32
  • https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1615222851688&ci=bigpond&js=1&cg=0&ts=main.440012c3.chunk.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Ffantasy.afl.com.au%2F&sr=1600x1200&tz=1 HTTP 302
  • https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1615222851688&ci=bigpond&js=1&cg=0&ts=main.440012c3.chunk.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Ffantasy.afl.com.au%2F&sr=1600x1200&tz=1&ja=1
Request Chain 39
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQ4NTI3NjcyNDU4NDk5MDg0MDIzODE0MTU5OTMzMjgzMDY2MTk= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjQ4NTI3NjcyNDU4NDk5MDg0MDIzODE0MTU5OTMzMjgzMDY2MTk=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPJWiGJzYAMPlrY8YWC83As&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 41
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=YEZYQwAAAFzEmAHZ
Request Chain 42
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=15EC6FA4-7ABA-4971-8A3F-1FBE55827DD1
Request Chain 45
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=64852767245849908402381415993328306619&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 46
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVaWVF3QUFBRnpFbUFIWg==
Request Chain 47
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEZYQwAAAFzEmAHZ&expires=90
Request Chain 48
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEZYQwAAAFzEmAHZ HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEZYQwAAAFzEmAHZ&C=1
Request Chain 49
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YEZYQwAAAFzEmAHZ HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYEZYQwAAAFzEmAHZ
Request Chain 50
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEZYQwAAAFzEmAHZ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEZYQwAAAFzEmAHZ
Request Chain 51
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEZYQwAAAFzEmAHZ
Request Chain 52
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEZYQwAAAFzEmAHZ&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEZYQwAAAFzEmAHZ&img=1&__user_check__=1&sync_id=d72f4c35-802f-11eb-a7de-12c786063f06
Request Chain 53
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEZYQwAAAFzEmAHZ&t=2592000&o=0
Request Chain 93
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

98 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fantasy.afl.com.au/
Redirect Chain
  • http://fantasy.afl.com.au/
  • https://fantasy.afl.com.au/
17 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
447a58c80982da410be8409d465bd8d05ce9ae4211a6e5d22f9eda825633a1ac

Request headers

:method
GET
:authority
fantasy.afl.com.au
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html
last-modified
Wed, 24 Feb 2021 05:40:21 GMT
server
AmazonS3
content-encoding
gzip
date
Mon, 08 Mar 2021 16:58:23 GMT
cache-control
max-age=300, must-revalidate
etag
W/"d35433b733247d164c70fe6753b1f2d7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
_tgL6cE3lp9Ar0UtAtveo_jOmOTXTeWCZLFG0HnyL3GD7NgPNcTleA==
age
148

Redirect headers

Server
CloudFront
Date
Mon, 08 Mar 2021 17:00:50 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://fantasy.afl.com.au/
X-Cache
Redirect from cloudfront
Via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
Rh20okp3-jYNXx-hmotE_Cd8Caea7BOgJ_-sLtycRhxOHX2R6VCcng==
css
fonts.googleapis.com/ 		6 KB
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae62dd075f4359b389158ec0ce732971da832938b5d630a24eb2e89111b00e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 15:28:58 GMT
server
ESF
date
Mon, 08 Mar 2021 17:00:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Mar 2021 17:00:50 GMT
bundle.min.js
browser.sentry-cdn.com/5.2.0/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.2.0/bundle.min.js
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
cfc415ab91068de39d43b4067df9a0de6f525552e7cc6ebfce5bfa73230569e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://fantasy.afl.com.au
Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 14:35:56 GMT
server
Fastly
age
3990344
etag
"286985ebfbb63a0ee7125bec36ff8963"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
15747
expires
Fri, 21 Jan 2022 12:35:06 GMT
satelliteLib-e77072e2e4da7eea0556fdc8c500cab830c90752.js
assets.adobedtm.com/b115bc50b73a685b73a5ec23570f976910498851/ 		86 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b115bc50b73a685b73a5ec23570f976910498851/satelliteLib-e77072e2e4da7eea0556fdc8c500cab830c90752.js
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
42735a9da7836797ea63ddf5d7f536c7aa7d7892514c41ff2908cfc62c79e2cd

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:50 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 03:28:51 GMT
server
AkamaiNetStorage
etag
"eae88588cb3cfd375ff906e6d0b7c216:1613359731.181092"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
25871
expires
Mon, 08 Mar 2021 18:00:50 GMT
modernizr.custom.64012.js
fantasy.afl.com.au/bphf/res/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/bphf/res/js/modernizr.custom.64012.js
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6028227100b120bdf1e105830d24255a868af03897d02064eba16cffc903d57

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 05:40:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"e17684a01dffa61c46388264e57be049"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=300, must-revalidate
x-amz-cf-id
jp6bMt6Dtof4lVZgfkg1kGQDgrH-6pGC4X42gp7i5UBATh8yyylJcA==
tmhf.src.2.0.min.css
fantasy.afl.com.au/bphf/res/css/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/bphf/res/css/tmhf.src.2.0.min.css
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee1e414f654c31752f80df80e9874790c660df46d930eb7e7e3919d92e8c0554

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:50 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 05:40:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"1351b1b8ebb0de0699248d52c6cbce6c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=300, must-revalidate
x-amz-cf-id
cuVps7TBMP_ar1d_05bpMyckj6B4g1WGk_rsLlaDSqWYtr6SzAZZAw==
2.b4ad1511.chunk.css
fantasy.afl.com.au/static/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/static/css/2.b4ad1511.chunk.css
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1567222d20b8b8dea098e142e83ce10c5c21543fd379a553f8c81f265cc79ec7

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:50 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 05:40:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"e4dc220f37e727f6b70457142e14a7f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=300, must-revalidate
x-amz-cf-id
1_jwtPsnpTe8JffPX8LBfF5sgsYnm23oooeZu5oJd-xEeDVdHcwsXQ==
main.cfa349be.chunk.css
fantasy.afl.com.au/static/css/ 		2 KB
800 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/static/css/main.cfa349be.chunk.css
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
042ce59bc63660dada99fe0024cbd2f32987cfe9d6170958c1c31be41f4776a3

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:50 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 05:40:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"7486c2440e84466bf7b0971bee9074f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=300, must-revalidate
x-amz-cf-id
0eaa9-9BRbMMhg8bgMIDhzVOOIe3w-Na7fSit8XHprNInXdP8lYQug==
lib.js
medrx.telstra.com.au/tmaf/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medrx.telstra.com.au/tmaf/lib.js
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.66.166.227 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-166-227.ap-southeast-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
5ca825eb7c6cc817e7ceb33a6ee6d28bfda612dc47cad6c50335adf913306944

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 17:00:53 GMT
Last-Modified
Wed, 23 Sep 2020 03:21:54 GMT
Server
AmazonS3
x-amz-request-id
AN5Q0MBWFJDQ6H9M
ETag
"14c2bc4038a26cc5a3e0634b83e3ee97"
X-Cache
MISS from medrx.telstra.com.au
Content-Type
text/javascript
Content-Length
17166
x-amz-id-2
CppfPHT+72l9881etcXxJLjwk+742fW4OVe7gBvVFEfIVaaYUsSKYzfKR+STcL/115KFsmkCCFk=
/
js.stripe.com/v3/ 		214 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0f33ff8c7fbc1303a7c42cf242835af1c23357962a57ec6bec6cf8e7671cee9
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
gzip
vary
Accept-Encoding
age
217
via
1.1 varnish
x-cache
HIT
content-length
57063
x-amz-id-2
Lp8jKhcqyXRDEy0OKVyLXAPP74t4avjPGpC2czwRkyTBxQQjhfdoj3kBHcpToWQ1hVi2IEqymZo=
x-served-by
cache-hhn4026-HHN
timing-allow-origin
*
last-modified
Fri, 05 Mar 2021 20:21:51 GMT
server
AmazonS3
etag
"ac7e82b6764769afb27bb9a2c7a5fec2"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
QQZ5RCFQ25CM7WCW
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
102
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
19adae98c02c8a9c78931d6da857ecdadfdec7bd40c0ba0c555d9edea5d862b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
phbroB+CGb74l7EZT89hZw==
cross-origin-resource-policy
cross-origin
expires
Mon, 08 Mar 2021 17:12:03 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
genAIFL6UjBEQJZzFUVqMUrX1EXoubjngX6zhLbVZY/qdHOhmG5Toru7fYiGamQJcv62c2WejUVq1EhJg8pWQw==
x-fb-trip-id
2050670934
x-fb-content-md5
f708285b5bf7f05face73026ce35c56d
date
Mon, 08 Mar 2021 17:00:51 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"07dc9918b7dd340489565100af34feb2"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
tmhf.src.2.0.min.js
fantasy.afl.com.au/bphf/res/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/bphf/res/js/tmhf.src.2.0.min.js
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c124c77cdd218b05991e417897ed624576341e2ef54307447869afb0063c1838

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:50 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 05:40:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"1d365550327abc7cf203ccb82617a790"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=300, must-revalidate
x-amz-cf-id
Hrq1apGsz06CaGv80Tpd5U5N0qA7BMZx59mdVTYLTfVuGhsyqivSmQ==
2.1853cb8b.chunk.js
fantasy.afl.com.au/static/js/ 		2 MB
434 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/static/js/2.1853cb8b.chunk.js
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f847475749b7ab75882b572fc2e44df33f5e7307f030a19e363e2ec90ffeaa4

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:50 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 05:40:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"aace6d680b09055422e819e2ba03aee4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=300, must-revalidate
x-amz-cf-id
lppPjUmu0wDnKNI2bRXzUPZiIiL7ALrTS8ci7yOyYFvKx4zANSLIfA==
main.440012c3.chunk.js
fantasy.afl.com.au/static/js/ 		2 MB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/static/js/main.440012c3.chunk.js
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
832d5c27f879af7287af4a2941625c92163dbc232f268537d065e059e6080020

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:50 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 05:40:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"db5083efd744f3e36df3909f288097fe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=300, must-revalidate
x-amz-cf-id
Ufz19omfQClVIyWKvRK6twoUCHV9MwCCTmU3_zhsFkFGVLg3fc41MA==
satellite-572becbd64746d251d0005e8.js
assets.adobedtm.com/b115bc50b73a685b73a5ec23570f976910498851/scripts/ 		97 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b115bc50b73a685b73a5ec23570f976910498851/scripts/satellite-572becbd64746d251d0005e8.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b115bc50b73a685b73a5ec23570f976910498851/satelliteLib-e77072e2e4da7eea0556fdc8c500cab830c90752.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
06c2a2b5b8953cde223282139a1002ad22cb3ab1acdde40d645fa5ed3c9c913b

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
gzip
last-modified
Mon, 15 Feb 2021 03:28:53 GMT
server
AkamaiNetStorage
etag
"5fcf66f80ba04c66b9af16698f459c13:1613359733.061547"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
115
expires
Mon, 08 Mar 2021 18:00:51 GMT
launch-EN3d02652f91254186bbc3ab768d3098b9.min.js
assets.adobedtm.com/ 		284 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b115bc50b73a685b73a5ec23570f976910498851/satelliteLib-e77072e2e4da7eea0556fdc8c500cab830c90752.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9a3ba240d747439c40a370f626c6911b79eac30b73f282ffb494efaaed9d21ee

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 02:10:42 GMT
server
AkamaiNetStorage
etag
"cb5846bca38b495ff98dbdf04a69d9d7:1614910242.140972"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
86164
expires
Mon, 08 Mar 2021 18:00:51 GMT
gtm.js
www.googletagmanager.com/ 		83 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WCXRB7K
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1544682c343ab10d6898028581ba101fb3b3f8205bfbaed51f2aaa807a872242
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32773
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 16:19:27 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Mar 2021 17:00:51 GMT
sprite.svg
fantasy.afl.com.au/bphf/res/svg/ 		10 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/bphf/res/svg/sprite.svg
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ecfc1a1b822694178ef1c477b46c8fd0004822dbb7ba0205a979b773bd32f7e

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 05:40:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"94b57a9304e1cc1b179949a46ac32efc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=300, must-revalidate
x-amz-cf-id
CEyX7ONXnqWa1As5YXjVbJNx2DE88zDzrtmHv0VAcChytiYZh0I8vA==
gravur.woff
fantasy.afl.com.au/bphf/res/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fantasy.afl.com.au/bphf/res/fonts/gravur.woff
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/bphf/res/css/tmhf.src.2.0.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ee00:4:b9ed:89c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23e75f31b020cf5b03acdf2d58500a51bbbaec32f2973356e309f9416b24400b

Request headers

Origin
https://fantasy.afl.com.au
Referer
https://fantasy.afl.com.au/bphf/res/css/tmhf.src.2.0.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:52 GMT
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified
Wed, 24 Feb 2021 05:40:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"7f58e0e01e2ec26aab38b122091831cc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
max-age=300, must-revalidate
access-control-allow-credentials
true
x-cache
RefreshHit from cloudfront
content-length
64411
x-amz-cf-id
b8N8TLcWgsAA16753taOHWcbVqxfJjjZ149sR9dbWoWcEgDduU7ihQ==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1615222851164
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1615222851164
3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1615222851164
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
261ae63bc59f647813ae2a233005d0fa9d92af00b7f6072ad53423354c5e5d47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v089-043e1b523.edge-irl1.demdex.com 5.80.6.20210202104731 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
KwWPG0jQTUw=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://fantasy.afl.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1148
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://fantasy.afl.com.au
X-TID
qhoIhOA9S14=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1615222851164
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=399a42e1c9628c4768c2b6656212a78e&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8290a640e8a8219f1ba627f0912af96ab7e889d91ac8848e66d97857cd8c0c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://fantasy.afl.com.au
Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
LboV2I/CnnYbTyS4Y+ygyA==
cross-origin-resource-policy
cross-origin
expires
Tue, 08 Mar 2022 16:16:49 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60546
x-fb-rlafr
0
x-fb-debug
aiSN/D7tcUJHku7G2ne459cjM64FXIiihmm5IU8g2LVfMWjt/jzAhCS6joEpIiCO6gAQ8ueNz9FgONUqh1Lvvw==
x-fb-trip-id
664085054
x-fb-content-md5
e48ef2d5b706f95b34ced5e379a4d2f8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 08 Mar 2021 17:00:51 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag
"016891fb5bd74706058b47d368c85c52"
timing-allow-origin
*
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-au.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding
gzip
etag
W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified
Mon, 12 Oct 2020 13:35:53 GMT
server
AmazonS3
age
38693
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 08 Mar 2021 06:15:59 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Gp_YPplQFhHxe9N9FrF-8mULYAjsxynT8ObUNQmFR740IR8eAz-m_w==

Redirect headers

location
https://cdn-gl.imrworldwide.com:443/v60.js
date
Mon, 08 Mar 2021 17:00:51 GMT
server
awselb/2.0
content-length
134
content-type
text/html
online.php
medrx.telstra.com.au/ 		0
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://medrx.telstra.com.au/online.php
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.66.166.227 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-166-227.ap-southeast-2.compute.amazonaws.com
Software
Apache / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 17:00:52 GMT
Cache-Control
no-cache, no-store
X-Content-Type-Options
nosniff
Server
Apache
X-Powered-By
PHP/7.1.33
X-Cache
MISS from medrx.telstra.com.au
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCXRB7K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3495
date
Mon, 08 Mar 2021 16:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 08 Mar 2021 18:02:36 GMT
gtm.js
www.googletagmanager.com/ 		130 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W3TT97S&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65f4f742d803c68f8d8b7f47b9a1747f14227786440f56a54ce5b4939a5ee339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 16:19:27 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Mar 2021 17:00:51 GMT
RC4ef26434591f4430b69e469f51bfd9c6-source.min.js
assets.adobedtm.com/475abcba9222/385343287bec/cc3d654f90c3/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/475abcba9222/385343287bec/cc3d654f90c3/RC4ef26434591f4430b69e469f51bfd9c6-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9c752f7586f1eb17608cf5afce2855dcc4bf4c7f194046204dd5b9c0c1cbe721

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 02:10:43 GMT
server
AkamaiNetStorage
etag
"02e944722f518b9b6924debfe7e79aca:1614910243.166129"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1543
expires
Mon, 08 Mar 2021 18:00:51 GMT
m-outer-8dc667e22429e9795dce1a8237a76325.html
js.stripe.com/v3/ Frame 480B 		215 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-8dc667e22429e9795dce1a8237a76325.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
720d8b5230522b836bd94ee27f388976a2da5f18b4c9a6474cd5f047f8380751
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-8dc667e22429e9795dce1a8237a76325.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fantasy.afl.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fantasy.afl.com.au/

Response headers

x-amz-id-2
k+ITkeyvCB/TFXODPq1IwGQVcvquoywmWWIStWnR+EseHLQ325w0NnT5v1qskh+uRINNkY8QQPE=
x-amz-request-id
A8EKQD1GDXA455A1
last-modified
Wed, 03 Mar 2021 22:21:03 GMT
etag
"8dc667e22429e9795dce1a8237a76325"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Mon, 08 Mar 2021 17:00:51 GMT
via
1.1 varnish
age
204
x-served-by
cache-hhn4026-HHN
x-cache
HIT
x-cache-hits
566
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
186
collect
www.google-analytics.com/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=950770967&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.afl.com.au%2F&dp=%2F&ul=en-us&de=UTF-8&dt=AFL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=331363822&gjid=1344618742&cid=1634222645.1615222852&tid=UA-47034296-4&_gid=1377982252.1615222852&_r=1&gtm=2wg2o0WCXRB7K&z=1657678281
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=636852149691014&ev=fb_page_view&dl=https%3A%2F%2Ffantasy.afl.com.au%2F&rl=&if=false&ts=1615222851665&sw=1600&sh=1200&at=
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 08 Mar 2021 17:00:51 GMT
Cookie set dest5.html
telstra.demdex.net/ Frame 91A9 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://telstra.demdex.net/dest5.html?d_nsid=0
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.35.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-35-96.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
telstra.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fantasy.afl.com.au/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=64852767245849908402381415993328306619
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fantasy.afl.com.au/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 11 Feb 2021 14:59:27 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=64852767245849908402381415993328306619;Path=/;Domain=.demdex.net;Expires=Sat, 04-Sep-2021 17:00:51 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
WWCk3zIbStE=
Content-Length
2785
Connection
keep-alive
id
infos.telstra.com.au/ 		48 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://infos.telstra.com.au/id?d_visid_ver=2.1.0&d_fieldgroup=A&mcorgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&mid=65068540440405024502396148852972510577&ts=1615222851673
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
d1955be319386e99c21fde5dad6059a40d9e25f4713b4cec44053593b381fe39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5955cb7dcf-hlctz
vary
Origin
x-c
main-1422.I3bac54.M0-478
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YEZYQwAAAFzEmAHZ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=64852767245849908402381415993328306619
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEZYQwAAAFzEmAHZ
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEZYQwAAAFzEmAHZ
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v089-093656234.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
7juADw4cTrY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEZYQwAAAFzEmAHZ
Date
Mon, 08 Mar 2021 17:00:51 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
match
bee.imrworldwide.com/v1/clients/ 		22 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bee.imrworldwide.com/v1/clients/match?client_id=bigpond&url=https://fantasy.afl.com.au/
Requested by
Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-36.dus51.r.cloudfront.net
Software
/
Resource Hash
d48612647a56d2432d1127569d226693dc0e985eb8e6aec2967e91e8edeed33a
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
DUS51-C1
x-frame-options
DENY
x-cache
Error from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
access-control-allow-credentials
true
strict-transport-security
max-age=25920000; includeSubDomains
vary
Accept-Encoding
content-length
46
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-id
u5gh30B3Qz5QcO_yX5awmAsDlSO7tjZbWx4ZIyBmiX3kOFvHSt7dTA==
m
secure-au.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1615222851688&ci=bigpond&js=1&cg=0&ts=main.440012c3.chunk.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Ffantasy.afl.com.au%2F&sr=1600...
  • https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1615222851688&ci=bigpond&js=1&cg=0&ts=main.440012c3.chunk.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Ffantasy.afl.com.au%2F&sr=1600...
44 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1615222851688&ci=bigpond&js=1&cg=0&ts=main.440012c3.chunk.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Ffantasy.afl.com.au%2F&sr=1600x1200&tz=1&ja=1
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.118.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:51 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-au.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:51 GMT
server
nginx
location
https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1615222851688&ci=bigpond&js=1&cg=0&ts=main.440012c3.chunk.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Ffantasy.afl.com.au%2F&sr=1600x1200&tz=1&ja=1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-au.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
m-outer-ab393e3979b66b4140895f56a37b902d.js
js.stripe.com/v3/fingerprinted/js/ Frame 480B 		1 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-ab393e3979b66b4140895f56a37b902d.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-8dc667e22429e9795dce1a8237a76325.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-8dc667e22429e9795dce1a8237a76325.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
content-encoding
gzip
vary
Accept-Encoding
age
201
via
1.1 varnish
x-cache
HIT
content-length
699
x-amz-id-2
6cZrJdnAnuRyIfpnJjO/5HJdGJiCNRFN0r8Sszm2Zfnx7xYAHymEsBfbOXtclFIzqESBvUzmNmI=
x-served-by
cache-hhn4026-HHN
timing-allow-origin
*
last-modified
Wed, 03 Mar 2021 22:21:01 GMT
server
AmazonS3
etag
"356a16407e7a019ffdf35f454b7438a9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
3VJBYP0ZSEYYVEA4
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
522
inner.html
m.stripe.network/ Frame D047 		33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-ab393e3979b66b4140895f56a37b902d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.stripe.com/

Response headers

server
nginx
content-type
text/html; charset=utf-8
last-modified
Fri, 04 Dec 2020 19:17:49 GMT
etag
W/"5fca8b5d-84a0"
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Mon, 08 Mar 2021 17:00:51 GMT
age
40
x-served-by
cache-sea4462-SEA, cache-hhn4026-HHN
x-cache
HIT, HIT
x-cache-hits
1, 141
x-timer
S1615222852.762524,VS0,VE0
vary
Accept-Encoding
content-length
12226
s72799084122905
infos.telstra.com.au/b/ss/telstrabpbigpondprd,telstrabpaflprd/1/JS-2.1.0/ 		43 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://infos.telstra.com.au/b/ss/telstrabpbigpondprd,telstrabpaflprd/1/JS-2.1.0/s72799084122905?AQB=1&ndh=1&pf=1&t=8%2F2%2F2021%2018%3A0%3A51%201%20-60&mid=65068540440405024502396148852972510577&aamlh=6&ce=UTF-8&ns=bigpond&cdp=3&pageName=BP%3AAFL%3AFantasy%3Ahome&g=https%3A%2F%2Ffantasy.afl.com.au%2F&c.&pageName=BP%3AAFL%3AFantasy%3Ahome&s_getLoadTime=6&.c&ch=Fantasy&events=event27%2Cevent40&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=BP&v1=BP&h1=BP%7CSport%7CAFL%7CFantasy%7Chome&c2=Sport&v2=Sport&c3=AFL&v3=AFL&c4=home&v4=Fantasy&v5=home&c17=Launch%20PublishDate%3A2021-03-05T02%3A10%3A31Z%20%7C%20sCode%20version%3A2.1.0&v26=AFL&c33=4%3A00AM&c34=Tuesday&c35=Weekday&v40=4%3A00AM&v41=Tuesday&v42=Weekday&c46=New&v46=New&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&AQE=1
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:51 GMT
x-content-type-options
nosniff
x-c
main-1422.I3bac54.M0-478
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 09 Mar 2021 17:00:51 GMT
server
jag
xserver
anedge-5955cb7dcf-m8vvn
etag
3468664661781381120-4621878516536692660
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 07 Mar 2021 17:00:51 GMT
config250.js
cdn-gl.imrworldwide.com/conf/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by
Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89cd6acb63bb6544c2703bcaa5848d00afb5e3038419d29e7772b4433637d669

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GE92KW5gl6UVWP5d3mk9BkbpSTukS4pa
content-encoding
gzip
etag
W/"4fc86794eb1fb03bc1f42c0e0e0dd574"
last-modified
Mon, 08 Mar 2021 15:20:27 GMT
server
AmazonS3
age
1409
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Mon, 08 Mar 2021 16:37:24 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
45rUyjQyRiYi1pGyIpQVGUJDZQM8PT2duidA-gdpRpaSAyWoUlqn3A==
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		174 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3aaaf42bf0ebf882980b8bcfcdbe9a4662fb93015d64fbc4d63fdbd2fff5b3e

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
48i1KLXCzEygN6lVfpDO18yBCPTP4JXh
content-encoding
gzip
etag
W/"1cd612bd5317f2443dde3a70328aa3e8"
last-modified
Wed, 03 Feb 2021 14:35:45 GMT
server
AmazonS3
age
2318
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 08 Mar 2021 16:22:15 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
bWhQbQsnmyR_KxBjbG4qrV8ODKdedkgDgKTrFUwuMm41SfgfcRZVXg==
6
m.stripe.com/ Frame D047 		156 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.2.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
804149215f81b21d8c8beec9fa349cecd5d3fd9dcfb4c6c75747e3b5e4c446ba
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 08 Mar 2021 17:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
ibs:dpid=771&dpuuid=CAESEPJWiGJzYAMPlrY8YWC83As&google_cver=1
dpm.demdex.net/ Frame 91A9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQ4NTI3NjcyNDU4NDk5MDg0MDIzODE0MTU5OTMzMjgzMDY2MTk=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjQ4NTI3NjcyNDU4NDk5MDg0MDIzODE0MTU5OTMzMjgzMDY2MTk=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPJWiGJzYAMPlrY8YWC83As&google_cver=1?gdpr=0&gdpr_consent=
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPJWiGJzYAMPlrY8YWC83As&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v089-0df8f7b71.edge-irl1.demdex.com 5.80.6.20210202104731 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
LTUt/6CrSKk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPJWiGJzYAMPlrY8YWC83As&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 98DD 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fantasy.afl.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSCVER=v1; IMRID=d6996f10-802f-11eb-a5dc-8995b562c930
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fantasy.afl.com.au/

Response headers

content-type
text/html
last-modified
Wed, 03 Feb 2021 14:35:44 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
TUYRoecoF1i4c0OOX1nHzaoGL1pXvxF4
server
AmazonS3
content-encoding
gzip
date
Mon, 08 Mar 2021 16:49:03 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
oPh_KlBZCwJ5XjBXGt-YBPI9B37kwOXlmfRKg5sRKriMCCJn83R_vg==
age
710
ibs:dpid=782&dpuuid=YEZYQwAAAFzEmAHZ
dpm.demdex.net/ Frame 91A9
Redirect Chain
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=YEZYQwAAAFzEmAHZ
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YEZYQwAAAFzEmAHZ
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v089-0ab3e7175.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
Np5nWcW1T6k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1615222852.462986,VS0,VE99
x-served-by
cache-hhn4053-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YEZYQwAAAFzEmAHZ
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
0
ibs:dpid=19566&dpuuid=15EC6FA4-7ABA-4971-8A3F-1FBE55827DD1
dpm.demdex.net/ Frame 91A9
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=15EC6FA4-7ABA-4971-8A3F-1FBE55827DD1
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=15EC6FA4-7ABA-4971-8A3F-1FBE55827DD1
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v089-0df8f7b71.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
z+iTuWhZSF4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

X-Cnection
close
Pragma
no-cache
Date
Mon, 08 Mar 2021 17:00:52 GMT
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
ETag
"1401593-cde-4e5b8598d0580"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=15EC6FA4-7ABA-4971-8A3F-1FBE55827DD1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
Expires
Mon, 08 Mar 2021 17:00:52 GMT
gn
secure-au.imrworldwide.com/cgi-bin/ Frame 98DD 		88 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-au.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,NA&sessionId=lkzi1q4jbbs2u8umlgeptngaxuliv1615222852&c16=sdkv,bj.6.0.0&retry=0
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.118.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
18344242ff477e6698f24b0211d53b9194cef9905ad67c8649e8a41ce614b415

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-au.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
88
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
lkzi1q4jbbs2u8umlgeptngaxuliv1615222852.nuid.imrworldwide.com/ Frame 98DD 		35 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lkzi1q4jbbs2u8umlgeptngaxuliv1615222852.nuid.imrworldwide.com/
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4400:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 05:03:45 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
43027
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
Sgip3F-IOY0PSATY8BF7ntjnAzZB2mawimYjLpZ70d-1zkZ02A2EcA==
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 91A9
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=64852767245849908402381415993328306619&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.46.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v089-08bc437db.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
GoD8Nb+eRMA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Mon, 08 Mar 2021 17:00:52 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame 91A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVaWVF3QUFBRnpFbUFIWg==
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVaWVF3QUFBRnpFbUFIWg==
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615222852.434039,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUVaWVF3QUFBRnpFbUFIWg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 91A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEZYQwAAAFzEmAHZ&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEZYQwAAAFzEmAHZ&expires=90
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615222852.434094,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YEZYQwAAAFzEmAHZ&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 91A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEZYQwAAAFzEmAHZ
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEZYQwAAAFzEmAHZ&C=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEZYQwAAAFzEmAHZ&C=1
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 17:00:52 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 08 Mar 2021 17:00:52 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 17:00:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YEZYQwAAAFzEmAHZ&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Mon, 08 Mar 2021 17:00:52 GMT
bounce
ib.adnxs.com/ Frame 91A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YEZYQwAAAFzEmAHZ
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYEZYQwAAAFzEmAHZ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYEZYQwAAAFzEmAHZ
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 17:00:52 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid
736cc7fe-6d67-4c32-9f5f-a299e6d9d7ec
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 17:00:52 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.143:80
AN-X-Request-Uuid
d2525c63-78f5-4bd4-9a3b-cacf968aac4e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYEZYQwAAAFzEmAHZ
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 91A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YEZYQwAAAFzEmAHZ
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEZYQwAAAFzEmAHZ
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEZYQwAAAFzEmAHZ
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.202.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
via
1.1 google
server
OXGW/16.202.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YEZYQwAAAFzEmAHZ
date
Mon, 08 Mar 2021 17:00:52 GMT
via
1.1 google
server
OXGW/16.202.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 91A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEZYQwAAAFzEmAHZ
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEZYQwAAAFzEmAHZ
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 17:00:52 GMT
X-lat
lhrpug009:0:434
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615222852.469889,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YEZYQwAAAFzEmAHZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 91A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEZYQwAAAFzEmAHZ&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEZYQwAAAFzEmAHZ&img=1&__user_check__=1&sync_id=d72f4c35-802f-11eb-a7de-12c786063f06
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YEZYQwAAAFzEmAHZ&img=1&__user_check__=1&sync_id=d72f4c35-802f-11eb-a7de-12c786063f06
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 17:00:52 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
1
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 08 Mar 2021 17:00:52 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YEZYQwAAAFzEmAHZ&img=1&__user_check__=1&sync_id=d72f4c35-802f-11eb-a7de-12c786063f06
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
69
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 91A9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEZYQwAAAFzEmAHZ&t=2592000&o=0
43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEZYQwAAAFzEmAHZ&t=2592000&o=0
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://telstra.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 09:00:52 PST
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
1ikX6jUC6sOZG+5BOHr1HvdrgXXNdaeiaymbL/JuLx8deqm1FbTWaaPsvi+daRWXTOfnASbvQ3eCkva94i51ug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Mon, 08 Mar 2021 09:00:52 PST

Redirect headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1615222853.607600,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YEZYQwAAAFzEmAHZ&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
gpt.js
www.googletagservices.com/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: medrx.telstra.com.au
URL: https://medrx.telstra.com.au/tmaf/lib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195e20a6cd032835fea6787ca7cb67554e34202c90f230126fd46b772ab44823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"805 / 210 of 1000 / last-modified: 1615205674"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19823
x-xss-protection
0
expires
Mon, 08 Mar 2021 17:00:52 GMT
online.php
medrx.telstra.com.au/ 		22 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://medrx.telstra.com.au/online.php?cb=_telstra_cb_0
Requested by
Host: medrx.telstra.com.au
URL: https://medrx.telstra.com.au/tmaf/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.66.166.227 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-166-227.ap-southeast-2.compute.amazonaws.com
Software
Apache / PHP/7.1.33
Resource Hash
b95293a8046c49f0647f4f03e3d554513cad1528d287ca3b5d071ee0049c6cd3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 17:00:52 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Powered-By
PHP/7.1.33
X-Cache
MISS from medrx.telstra.com.au
Content-Type
application/javascript
Cache-Control
no-cache, no-store
Content-Length
22
afl.js
medrx.telstra.com.au/tmaf/publisher/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medrx.telstra.com.au/tmaf/publisher/afl.js
Requested by
Host: medrx.telstra.com.au
URL: https://medrx.telstra.com.au/tmaf/lib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.66.166.227 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-166-227.ap-southeast-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash
cd356df2a10b530d13988911a99c808609727527ceed45aa99b29d898e46f748

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 17:00:53 GMT
Last-Modified
Thu, 02 Jul 2020 03:02:36 GMT
Server
AmazonS3
x-amz-request-id
2B7A8C4AAA6C1BB5
ETag
"519a0a66386e34fa876097a7d175a059"
X-Cache
MISS from medrx.telstra.com.au
Content-Type
text/javascript
Content-Length
2851
x-amz-id-2
JMdOkwp5mUJlO+nAwcWe8iyA5kR1Rez/Yp0YcgFI/58DtNgHm8/A8HaBnscnyORkm2e2EOD9DfI=
pubads_impl_2021030401.js
securepubads.g.doubleclick.net/gpt/ 		283 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 09:38:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101872
x-xss-protection
0
expires
Mon, 08 Mar 2021 17:00:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_ced&pvsid=4344034038660897&sc=f&level=page&vrg=2021030401&nslots=0&eid=21068602%2C21068111&pub_url=https%3A%2F%2Ffantasy.afl.com.au%2F
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fantasy.afl.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 17:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fantasy.afl.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 17:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4344034038660897&correlator=3355439790342620&output=ldjh&impl=fifs&eid=21068602%2C21068111&vrg=2021030401&ptt=17&sc=1&sfv=1-0-37&ecs=20210308&iu_parts=7414%2CTEL.AFL%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C1x1%2C5x1%2C4x1&ists=4&prev_scp=position%3DBLW1%26above%3Dfalse%26index%3D1%26in_view%3Dfalse%7C%7Cposition%3DBLW1%26above%3Dfalse%26index%3D1%26in_view%3Dfalse%7Cposition%3DBLW1%26above%3Dfalse%26index%3D1%26in_view%3Dfalse&eri=1&cust_params=area%3Dhome%26title%3DAFL%2520Fantasy%26device%3Ddesktop%26keyword%3Daftesting%26bettingOdds%3Dfalse%26inskin_yes%3Dtrue%26excl_cat%3DTelecomms%252CPorn%252CGambling%252CMedia%252CCasino%252CMotor_Vehicles%252CBetting%252CFinance%252CAlcoholic_Beverages%252CFMCG%252CEntertainment_Leisure%252CInsurance%252C2849_Telstra&cookie_enabled=1&bc=31&abxe=1&lmt=1614145221&dt=1615222852984&dlt=1615222850959&idt=1830&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C0%2C0%2C0&adys=0%2C0%2C0%2C0&adks=3802381909%2C2409246889%2C151008879%2C4022246118&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffantasy.afl.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x221%7C1600x221%7C1600x221%7C1600x221&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1634222645.1615222852&ga_sid=1615222853&ga_hid=950770967&ga_fc=false&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1c0674baf2d898bf93f611211e84a1981c51ee11adde7aac42c0c9cfe830a36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		88 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4344034038660897&correlator=4071644951167565&output=ldjh&impl=fifs&eid=21068602%2C21068111&vrg=2021030401&ptt=17&sc=1&sfv=1-0-37&ecs=20210308&iu_parts=7414%2CTEL.AFL%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=position%3DABV1%26above%3Dtrue%26index%3D1%26in_view%3Dtrue&eri=1&cust_params=area%3Dhome%26title%3DAFL%2520Fantasy%26device%3Ddesktop%26keyword%3Daftesting%26bettingOdds%3Dfalse%26inskin_yes%3Dtrue%26excl_cat%3DTelecomms%252CPorn%252CGambling%252CMedia%252CCasino%252CMotor_Vehicles%252CBetting%252CFinance%252CAlcoholic_Beverages%252CFMCG%252CEntertainment_Leisure%252CInsurance%252C2849_Telstra&cookie_enabled=1&bc=31&abxe=1&lmt=1614145221&dt=1615222852994&dlt=1615222850959&idt=1830&frm=20&biw=1600&bih=1200&oid=3&adxs=14&adys=151&adks=3943058510&ucis=5&ifi=5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffantasy.afl.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x15&msz=728x90&ga_vid=1634222645.1615222852&ga_sid=1615222853&ga_hid=950770967&ga_fc=false&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
62a40cb053c165d585b8b741082c33fee77dcb3cf4e02367bafafb2767b74e13
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzVjoOWoe8CFcxK4AodWRwMUQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMzVjoOWoe8CFcxK4AodWRwMUQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27060
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Mon, 08 Mar 2021 17:00:53 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=950770967&t=pageview&_s=1&dl=https%3A%2F%2Ffantasy.afl.com.au%2F&ul=en-us&de=UTF-8&dt=AFL%20Fantasy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=901873067&gjid=554458076&cid=1634222645.1615222852&tid=UA-108262715-1&_gid=1377982252.1615222852&_r=1&gtm=2wg2o0W3TT97S&cd2=unavailable&cd3=unavailable&cd4=unavailable&cd7=unavailable&cd8=unavailable&cd12=unavailable&cd13=unavailable&cd14=unavailable&cd15=unavailable&cd16=unavailable&cd17=unavailable&cd18=unavailable&cd19=unavailable&cd24=unavailable&cd25=unavailable&cd26=unavailable&cd40=65068540440405024502396148852972510577&cd41=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&cd46=unavailable&cd47=unavailable&cd48=unavailable&cd52=unavailable&cd53=unavailable&cd54=unavailable&cd55=unavailable&cd56=unavailable&cd57=unavailable&cd58=unavailable&cd59=unavailable&cd74=unavailable&cd78=unavailable&cd79=unavailable&cd82=unavailable&cd83=unavailable&cd84=unavailable&cd85=unavailable&cd86=unavailable&cd96=null&cd1=1634222645.1615222852&cd101=1634222645.1615222852&z=22139435
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3TT97S&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3497
date
Mon, 08 Mar 2021 16:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 08 Mar 2021 18:02:36 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-108262715-1&cid=1634222645.1615222852&jid=901873067&gjid=554458076&_gid=1377982252.1615222852&_u=aEDAAEABAAAAAC~&z=759782003
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Mar 2021 17:00:53 GMT
content-type
text/plain
access-control-allow-origin
https://fantasy.afl.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-108262715-1&cid=1634222645.1615222852&jid=901873067&_u=aEDAAEABAAAAAC~&z=741448001
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-108262715-1&cid=1634222645.1615222852&jid=901873067&_u=aEDAAEABAAAAAC~&z=741448001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c046da98bedf5cf107416464a4adcba080cacb3972f5c257d6c1094781e2a6d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 08 Mar 2021 17:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6605
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Mon, 08 Mar 2021 17:00:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 50C5 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fantasy.afl.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fantasy.afl.com.au/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Mon, 08 Mar 2021 15:58:45 GMT
expires
Tue, 08 Mar 2022 15:58:45 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3728
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 50C5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 10:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
108272
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Mon, 07 Mar 2022 10:56:21 GMT
container.html
1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4F71 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fantasy.afl.com.au/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://fantasy.afl.com.au/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Mon, 08 Mar 2021 17:00:53 GMT
expires
Tue, 08 Mar 2022 17:00:53 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Mon, 08 Mar 2021 17:00:53 GMT
index_728x90.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/ Frame 7211 		122 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280102cce1009ed068897e255629f68feda337bb3e8ecf0d2daa46bd245ebfd2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Mon, 08 Mar 2021 05:46:05 GMT
expires
Tue, 08 Mar 2022 05:46:05 GMT
last-modified
Fri, 26 Feb 2021 12:09:38 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
41191
age
40488
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 4F71 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C0dpfRVhGYIyfA8yVgQfZuLCIBYuyvtRhtc6Dh5IN-pvn-fMhEAEgypLVH2DRgbmC0AegAYrj07YDyAEJqQLmGyxjHWmFPuACAKgDAcgDCKoE2QFP0OyZYThfD1L-BhZENETBuMNei_leZtyKpawET5Se8ReHGXJf6ZbJe8M8tgGi6dOO8qJOFuYKtqnWtm2M_ybGmnbMm4vzhxlJKJn66Jj_kc_OW8rcHZbtdZivd1kyFPlZxkRTDXI_8-AUGbkgFYqjM-hqPQERCHe6lnD8EllsfDVKK9ab4llgzrZwqqHK_GQvNHen0Y7p9vcGcJWaOOceIfe61NM0uewXLzwCpFiOotQUa8_V-Z6entqfpahbqvJSXhRw13ejCuprdsNAwdRyA4nGdWSD2XYHwASCkJzNugPgBAGgBi6AB5fGuieoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQm84_0ggJCIDhgHAQARgdgAoDyAsB2BMDshcaChgIABIUcHViLTI5OTU2NTk4MDE3MjAyMjc&sigh=-mxe6_KLHmc&template_id=419&tpd=AGWhJmvM1-yw3zDYEQ1r_5h0ffz0oaINgu7iMH8ptmFMYB6qJA
Requested by
Host: fantasy.afl.com.au
URL: https://fantasy.afl.com.au/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 4F71 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
URL: https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:58:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Mar 2021 16:58:33 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 4F71 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
URL: https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Mar 2021 17:00:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F71 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
URL: https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 17:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Mon, 08 Mar 2021 17:00:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 4F71 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
URL: https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 16:51:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 22 Mar 2021 16:51:19 GMT
l
www.google.com/ads/measurement/ Frame 4F71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-3R1idGPxlYym2dEJXv-ySqECTFAUXSMEeOBAOw8olTE5Z5v4PRB7jmsIU_1_G6cbPyn8
Requested by
Host: 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
URL: https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7211 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 04:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43891
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 09 Mar 2021 04:49:22 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7211 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 13:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14003
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 09 Mar 2021 13:07:30 GMT
image-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/ Frame 7211 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/image-0.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed05607812515b3c528e96f69fa54f452cddaa82a20749d3f228efb27ca89524
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
484602
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1805
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 12:09:38 GMT
server
sffe
date
Wed, 03 Mar 2021 02:24:11 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Mar 2022 02:24:11 GMT
image-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/ Frame 7211 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/image-1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c306b49cb3fa9f687583215a3b5bc4b8d8aa575de5631bda0c46dae9cafd0392
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
290046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3487
x-xss-protection
0
last-modified
Fri, 26 Feb 2021 12:09:38 GMT
server
sffe
date
Fri, 05 Mar 2021 08:26:47 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 08:26:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4177 		143 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
URL: https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnokPYzazQAKilIBYR6wtXy5Qp-vuFajwi9jG1TacfVjDPRXDJhAc-4aW1pxQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 08 Mar 2021 16:23:20 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2253
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4F71 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
499c58450f88a43a4ce6e6218e7802b75090a197a64198f679facb701edacd01

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 7211 		6 KB
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:900,900italic,300italic&subset=latin
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16990340701232445691/y21-w09-udsalg-80-display-728-90/index_728x90.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f34c507a6af3053b0b121c7a1325bcc4388ac4c62c4831b350374a0049f3081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 15:49:37 GMT
server
ESF
date
Mon, 08 Mar 2021 17:00:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Mar 2021 17:00:53 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7211 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900,900italic,300italic&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 03:20:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:17 GMT
server
sffe
age
481197
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15712
x-xss-protection
0
expires
Thu, 03 Mar 2022 03:20:56 GMT
KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7211 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900,900italic,300italic&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95e60b9391931dc4d5cc9b3b0c28b0eb2751b9066037f7594ba76c47739c187b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:45:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:24 GMT
server
sffe
age
598501
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17520
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:45:52 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7211 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900,900italic,300italic&subset=latin
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e02524ebecd813fc4bcb40336bb2b033871b1fdcbd234229dee4189dc44850d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:39:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
598903
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17448
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:39:10 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4177
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
164 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
URL: https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnokPYzazQAKilIBYR6wtXy5Qp-vuFajwi9jG1TacfVjDPRXDJhAc-4aW1pxQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 08 Mar 2021 17:00:53 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 08-Mar-2021 18:00:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 08 Mar 2021 17:00:53 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 08 Mar 2021 17:00:53 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030401&jk=4344034038660897&bg=!n5ylnN_NAAWsVXnBrDsAKQB2-DxaiGGKC8HgGHT9t3loBPPX7ogYLSfWYeEqJ5VfTXdcSPqXIQSdAgAAAZdSAAAADWgBBwoBS1fZ1GI4im3TFa27cPjO3EMntcXplWZAcjV73ImqP_acIrMxX56MlgmhIqpa9Ni8O4V_9m4_aXNJ3Quj1ycKvHWFFrzYukxhSxgIVIQxPf592a-NgSAjO5-6Tz33wolT9jkx8kHwFx4eXl-M7hYdxXIirohQL-4BGbjzeOBTSYUNv5G77KiCSjl5ZHg4igT5VANRS0kVwSd6AkxNSbMdRU_dIZ3nSXMa7Zk5hpePsq812u1rt9Oq7m7ndF97ZGp3RSaDo44eGZFI7VoxJijdYweGiJ_PQVQpkFjtibMyFjbyPj6JgJ2clyIhqNmFzGEEWWxxfZqFdCB9Y2Em8g1nMqlfoNP1S4cYItqewqLNWCdJ1llGCdiEdil4z2IXsg88UYhlypYpv0aMo0SmH2yUbj4Uktg7zk7QCNexo-rwPrQ9NEhApoG1FTvh562ZAgXPwFuNQsmBq7XhFnh3GfnDiDPL3dZIgO4kDmFMJfkfniUXQyBTKgv-H3eR6Y1AuRurS3sCmcUXoHe5Ib1MzlL3RH1sEGZ-9s2JJD909SZp9zNUgqkQuFHSGpaMgXtSHo43KeiiAsaOO-00l2EX8-JbURXFitqu1hlCx3FwQpqz5Cp0MT1WD1yAiwjFkDPp77zSUp_v7as97blGM2MO_8afxFpxbfeDCbUkyOACD3Vh5OlAHHiqrYdQsukX0l2Ygl5XqhGEmLORg1vxWML6r8rj1Fge2kCE9gKeAg4X56_H9D2fA7nZ21suF4lF-afei5I2bwd18kepi6pPF8ai8NgxCOT0YvX4VfH1tR9f_LQpgwibgddgaV3lMNil7nnwWEqUh-FFqOlRt1K-dVBC1J0aN91MRSDqvCQzByeLQ2Q_TOXnV2qDj-oiJAFxTx1zwPJs7kOWAYx4IdVHbaOOwF5KzSFj6ekndxy-t1TPNO74_2DWcMrEFXXcZ49WJil3TvjNgoqvDes3Yjcl_HPm1vsc9M7LtBcKzq_7GuTfU8GgSwWxwG7kgjnb4AuwDsETcC4tNBnFgcYFfCQ7CYsnzKytGnCModOGF6Qvk5S6mtuYZ0VGK1aG_tTygdn8qUw0hjqtVjoR7AxZK9NwApcsGlWcSEwIoE0-fPoH-OmUKLX7zaXD--Gw
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4F71 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CimqwRVhGYIyfA8yVgQfZuLCIBYuyvtRhtc6Dh5IN-pvn-fMhEAEgypLVH2DRgbmC0AegAYrj07YDyAEJqQLmGyxjHWmFPuACAKgDAaoE2QFP0OyZYThfD1L-BhZENETBuMNei_leZtyKpawET5Se8ReHGXJf6ZbJe8M8tgGi6dOO8qJOFuYKtqnWtm2M_ybGmnbMm4vzhxlJKJn66Jj_kc_OW8rcHZbtdZivd1kyFPlZxkRTDXI_8-AUGbkgFYqjM-hqPQERCHe6lnD8EllsfDVKK9ab4llgzrZwqqHK_GQvNHen0Y7p9vcGcJWaOOceIfe61NM0uewXLzwCpFiOotQUa8_V-Z6entqfpahbqvJSXhRw13ejCuprdsNAwdRyA4nGdWSD2XYHwASCkJzNugPgBAGgBi6AB5fGuieoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQm84_0ggJCIDhgHAQARgdgAoDyAsB2BMDshcaChgIABIUcHViLTI5OTU2NTk4MDE3MjAyMjc&sigh=ZSe87Thvicc&vt=1&template_id=419
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 4F71 		42 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUgvQIOrqfPqMmNEmEb3VaipaCXrcn_sgZMYkt_TTruPeAh6DpxUBGq_abVkl29C18Y5efdlKbi5zbIuDbNBptHvhgAFtRbwJzq3uIMChUwpFuU_WwywpaUUbh5ZDxuRdeX1kV1nIwLF9Bskjw4i80&sai=AMfl-YTAAP_8VLF-yLlJ1Vh85f5HeAiveUvuynpm77QFsBINafwmZKlRReMmDz4jKgWT0o7rJrGC1QIhmV0fLjBnmd-2gEaxaMEltAaCxiWGNoYs6sm4xE8PFV8vbJl3&sig=Cg0ArKJSzNgSRbuosNiwEAE&cid=CAASPeRoBAE5bkfcnwjcquQ1r1779w0AWcM_g5Dggo1q5E6D4xUUmAJZMHQyFAA7IYosUby-H4DYD8UdTly7hq4&id=osdim&mcvt=1014&p=151,436,241,1164&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3943058510&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615222853362&dlt=29&rpt=212&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gn
secure-au.imrworldwide.com/cgi-bin/ 		44 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-au.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=bigpond&ch=bigpond_c00_0&sessionId=lkzi1q4jbbs2u8umlgeptngaxuliv1615222852&asn=0&prv=1&c6=vc,c00&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,1615222852317238&c30=bldv,6.0.0.582&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Ffantasy.afl.com.au%2F&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1615222854&rnd=595941
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.118.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer
https://fantasy.afl.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 17:00:54 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-au.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Sentry object| __SENTRY__ object| _satellite function| reportingBeacon object| tmxh object| dataLayer object| _telstra object| html5 object| Modernizr boolean| __satelliteLoaded function| AppMeasurement_Module_ActivityMap function| Visitor string| s_account function| visitorIDServiceGetCookieDomain object| BP_SC object| tDate function| s_doPlugins function| s_getLoadTime function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| s_readCookie function| s_setCookie string| s_userDataCookie undefined| cnValue function| addCustID function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| tmLoadScript number| sp object| domainArray object| s_c_il number| s_c_in object| visitor object| s object| k_sc_param function| DIL number| s_objectID number| s_giq object| __webpackStripeJSv3Jsonp function| Stripe function| fbAsyncInit object| google_tag_manager object| FB object| tmx function| svg4everybody function| getCPTdata function| setCPTCookie object| webpackJsonptds-afl object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| google_tag_data string| GoogleAnalyticsObject function| ga function| _ object| gaplugins object| gaGlobal object| gaData function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| V60 object| NOLBUNDLE function| click123 object| VBM string| teamName object| aflSitesArray string| s_tnt object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt number| s_loadT object| s_i_telstrabpbigpondprd_telstrabpaflprd string| key function| _typeof object| ns object| paramsPassed object| stateObject string| BUILDVERSION object| stateEvents object| googletag function| _telstra_cb_0 number| _telstra_cb__count object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _mcn object| google_image_requests object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| GoogleGcLKhOms object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

17 Cookies

Domain/Path Name / Value
.imrworldwide.com/ Name: SSCVER
Value: v1
.demdex.net/ Name: dextp
Value: 771-1-1615222852301|782-1-1615222852324|19566-1-1615222852332|30064-1-1615222852355|144230-1-1615222852369|144231-1-1615222852392|144232-1-1615222852413|144233-1-1615222852423|144234-1-1615222852436|144235-1-1615222852452|144236-1-1615222852467|144237-1-1615222852482
.afl.com.au/ Name: s_ppv
Value: BP%253AAFL%253AFantasy%253Ahome%2C100%2C543%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.afl.com.au/ Name: s_ppvl
Value: BP%253AAFL%253AFantasy%253Ahome%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.afl.com.au/ Name: s_cc
Value: true
.afl.com.au/ Name: gpv_e48
Value: BP%3AAFL%3AFantasy%3Ahome
.afl.com.au/ Name: gpv_e44
Value: AFL
.demdex.net/ Name: demdex
Value: 64852767245849908402381415993328306619
.afl.com.au/ Name: AMCV_98DC73AE52E13F1E0A490D4C%40AdobeOrg
Value: 1099438348%7CMCIDTS%7C18695%7CMCMID%7C65068540440405024502396148852972510577%7CMCAAMLH-1615827651%7C6%7CMCAAMB-1615827651%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1615230051s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18702%7CvVersion%7C2.1.0
.afl.com.au/ Name: gpv_p43
Value: BP%3AAFL%3AFantasy%3Ahome
.afl.com.au/ Name: s_nr
Value: 1615222851927-New
.afl.com.au/ Name: AMCVS_98DC73AE52E13F1E0A490D4C%40AdobeOrg
Value: 1
.fantasy.afl.com.au/ Name: _gid
Value: GA1.4.1377982252.1615222852
.fantasy.afl.com.au/ Name: _gat_UA-47034296-4
Value: 1
.imrworldwide.com/ Name: IMRID
Value: d6996f10-802f-11eb-a5dc-8995b562c930
.afl.com.au/ Name: gpv_p49
Value: AFL
.fantasy.afl.com.au/ Name: _ga
Value: GA1.4.1634222645.1615222852

15 Console Messages

Source Level URL
Text
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api log URL: https://fantasy.afl.com.au/(Line 1)
Message:
[object Object]
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.
console-api warning URL: https://assets.adobedtm.com/launch-EN3d02652f91254186bbc3ab768d3098b9.min.js(Line 7)
Message:
🚀 _satellite.notify is deprecated. Please use the `_satellite.logger` API.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ed8471a80b2e39d721b2311b49a580c.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
assets.adobedtm.com
bee.imrworldwide.com
browser.sentry-cdn.com
cdn-gl.imrworldwide.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
fantasy.afl.com.au
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
infos.telstra.com.au
js.stripe.com
lkzi1q4jbbs2u8umlgeptngaxuliv1615222852.nuid.imrworldwide.com
m.stripe.com
m.stripe.network
medrx.telstra.com.au
pagead2.googlesyndication.com
pixel.rubiconproject.com
ps.eyeota.net
rtd-tm.everesttech.net
rtd.tubemogul.com
secure-au.imrworldwide.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
telstra.demdex.net
tpc.googlesyndication.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
13.226.159.36
142.250.185.226
15.237.136.106
151.101.112.176
151.101.114.49
184.30.20.241
184.30.24.198
185.64.190.80
185.94.180.126
2600:9000:206f:ee00:4:b9ed:89c0:93a1
2600:9000:211e:4400:1d:667e:2a40:93a1
2600:9000:2182:3200:2:42d9:3100:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:400c:c1b::9d
2a02:26f0:7100:491::1e80
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::729
34.217.2.156
34.249.46.6
35.244.159.8
37.252.173.62
52.57.150.20
54.171.42.33
54.66.166.227
54.77.118.208
54.77.35.96
69.173.144.139
042ce59bc63660dada99fe0024cbd2f32987cfe9d6170958c1c31be41f4776a3
06c2a2b5b8953cde223282139a1002ad22cb3ab1acdde40d645fa5ed3c9c913b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1544682c343ab10d6898028581ba101fb3b3f8205bfbaed51f2aaa807a872242
1567222d20b8b8dea098e142e83ce10c5c21543fd379a553f8c81f265cc79ec7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18344242ff477e6698f24b0211d53b9194cef9905ad67c8649e8a41ce614b415
195e20a6cd032835fea6787ca7cb67554e34202c90f230126fd46b772ab44823
19adae98c02c8a9c78931d6da857ecdadfdec7bd40c0ba0c555d9edea5d862b5
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
1c0674baf2d898bf93f611211e84a1981c51ee11adde7aac42c0c9cfe830a36d
23e75f31b020cf5b03acdf2d58500a51bbbaec32f2973356e309f9416b24400b
261ae63bc59f647813ae2a233005d0fa9d92af00b7f6072ad53423354c5e5d47
280102cce1009ed068897e255629f68feda337bb3e8ecf0d2daa46bd245ebfd2
42735a9da7836797ea63ddf5d7f536c7aa7d7892514c41ff2908cfc62c79e2cd
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
447a58c80982da410be8409d465bd8d05ce9ae4211a6e5d22f9eda825633a1ac
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
499c58450f88a43a4ce6e6218e7802b75090a197a64198f679facb701edacd01
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecfc1a1b822694178ef1c477b46c8fd0004822dbb7ba0205a979b773bd32f7e
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ca825eb7c6cc817e7ceb33a6ee6d28bfda612dc47cad6c50335adf913306944
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
62a40cb053c165d585b8b741082c33fee77dcb3cf4e02367bafafb2767b74e13
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
65f4f742d803c68f8d8b7f47b9a1747f14227786440f56a54ce5b4939a5ee339
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f34c507a6af3053b0b121c7a1325bcc4388ac4c62c4831b350374a0049f3081
6f847475749b7ab75882b572fc2e44df33f5e7307f030a19e363e2ec90ffeaa4
720d8b5230522b836bd94ee27f388976a2da5f18b4c9a6474cd5f047f8380751
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
804149215f81b21d8c8beec9fa349cecd5d3fd9dcfb4c6c75747e3b5e4c446ba
8290a640e8a8219f1ba627f0912af96ab7e889d91ac8848e66d97857cd8c0c33
832d5c27f879af7287af4a2941625c92163dbc232f268537d065e059e6080020
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89cd6acb63bb6544c2703bcaa5848d00afb5e3038419d29e7772b4433637d669
95e60b9391931dc4d5cc9b3b0c28b0eb2751b9066037f7594ba76c47739c187b
9a3ba240d747439c40a370f626c6911b79eac30b73f282ffb494efaaed9d21ee
9c752f7586f1eb17608cf5afce2855dcc4bf4c7f194046204dd5b9c0c1cbe721
9e02524ebecd813fc4bcb40336bb2b033871b1fdcbd234229dee4189dc44850d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3aaaf42bf0ebf882980b8bcfcdbe9a4662fb93015d64fbc4d63fdbd2fff5b3e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
ae62dd075f4359b389158ec0ce732971da832938b5d630a24eb2e89111b00e1b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b95293a8046c49f0647f4f03e3d554513cad1528d287ca3b5d071ee0049c6cd3
c046da98bedf5cf107416464a4adcba080cacb3972f5c257d6c1094781e2a6d9
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c124c77cdd218b05991e417897ed624576341e2ef54307447869afb0063c1838
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c306b49cb3fa9f687583215a3b5bc4b8d8aa575de5631bda0c46dae9cafd0392
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
cd356df2a10b530d13988911a99c808609727527ceed45aa99b29d898e46f748
cfc415ab91068de39d43b4067df9a0de6f525552e7cc6ebfce5bfa73230569e1
d1955be319386e99c21fde5dad6059a40d9e25f4713b4cec44053593b381fe39
d48612647a56d2432d1127569d226693dc0e985eb8e6aec2967e91e8edeed33a
d6028227100b120bdf1e105830d24255a868af03897d02064eba16cffc903d57
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ed05607812515b3c528e96f69fa54f452cddaa82a20749d3f228efb27ca89524
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
ee1e414f654c31752f80df80e9874790c660df46d930eb7e7e3919d92e8c0554
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f33ff8c7fbc1303a7c42cf242835af1c23357962a57ec6bec6cf8e7671cee9